From 35d79e894c7f580b5fb985baa05d547fb1ebc40f Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Wed, 27 Jan 2021 21:49:10 -0800 Subject: [PATCH 01/67] nixos/nebula: add basic module --- nixos/modules/services/networking/nebula.nix | 187 +++++++++++++++++++ 1 file changed, 187 insertions(+) create mode 100644 nixos/modules/services/networking/nebula.nix diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix new file mode 100644 index 000000000000..84eda281c854 --- /dev/null +++ b/nixos/modules/services/networking/nebula.nix @@ -0,0 +1,187 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.nebula; + nebulaDesc = "Nebula VPN service"; + +in +{ + # Interface + + options.services.nebula = { + enable = mkEnableOption nebulaDesc; + + package = mkOption { + type = types.package; + default = pkgs.nebula; + defaultText = "pkgs.nebula"; + description = "Nebula derivation to use."; + }; + + ca = mkOption { + type = types.path; + description = "Path to the certificate authority certificate."; + example = "/etc/nebula/ca.crt"; + }; + + cert = mkOption { + type = types.path; + description = "Path to the host certificate."; + example = "/etc/nebula/host.crt"; + }; + + key = mkOption { + type = types.path; + description = "Path to the host key."; + example = "/etc/nebula/host.key"; + }; + + staticHostMap = mkOption { + type = types.attrsOf (types.listOf (types.str)); + default = {}; + description = '' + The static host map defines a set of hosts with fixed IP addresses on the internet (or any network). + A host can have multiple fixed IP addresses defined here, and nebula will try each when establishing a tunnel. + ''; + example = literalExample '' + { "192.168.100.1" = [ "100.64.22.11:4242" ]; } + ''; + }; + + isLighthouse = mkOption { + type = types.bool; + default = false; + description = "Whether this node is a lighthouse."; + }; + + lighthouses = mkOption { + type = types.listOf types.str; + default = []; + description = '' + List of IPs of lighthouse hosts this node should report to and query from. This should be empty on lighthouse + nodes. The IPs should be the lighthouse's Nebula IPs, not their external IPs. + ''; + example = ''[ "192.168.100.1" ]''; + }; + + listen.host = mkOption { + type = types.str; + default = "0.0.0.0"; + description = "IP address to listen on."; + }; + + listen.port = mkOption { + type = types.port; + default = 4242; + description = "Port number to listen on."; + }; + + punch = mkOption { + type = types.bool; + default = true; + description = '' + Continues to punch inbound/outbound at a regular interval to avoid expiration of firewall nat mappings. + ''; + }; + + tun.disable = mkOption { + type = types.bool; + default = false; + description = '' + When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root). + ''; + }; + + tun.device = mkOption { + type = types.str; + default = "nebula1"; + description = "Name of the tun device."; + }; + + firewall.outbound = mkOption { + type = types.listOf types.attrs; + default = []; + description = "Firewall rules for outbound traffic."; + example = ''[ { port = "any"; proto = "any"; host = "any"; } ]''; + }; + + firewall.inbound = mkOption { + type = types.listOf types.attrs; + default = []; + description = "Firewall rules for inbound traffic."; + example = ''[ { port = "any"; proto = "any"; host = "any"; } ]''; + }; + + extraConfig = mkOption { + type = types.attrs; + default = {}; + description = "Extra configuration added to the Nebula config file."; + example = literalExample '' + { + lighthouse.dns = { + host = "0.0.0.0"; + port = 53; + }; + } + ''; + }; + }; + + # Implementation + + config = + let + # Convert the options to an attrset. + optionConfigSet = { + pki = { ca = cfg.ca; cert = cfg.cert; key = cfg.key; }; + static_host_map = cfg.staticHostMap; + lighthouse = { am_lighthouse = cfg.isLighthouse; hosts = cfg.lighthouses; }; + listen = { host = cfg.listen.host; port = cfg.listen.port; }; + punchy = { punch = cfg.punch; }; + tun = { disabled = cfg.tun.disable; dev = cfg.tun.device; }; + firewall = { inbound = cfg.firewall.inbound; outbound = cfg.firewall.outbound; }; + }; + + # Merge in the extraconfig attrset. + mergedConfigSet = lib.recursiveUpdate optionConfigSet cfg.extraConfig; + + # Dump the config to JSON. Because Nebula reads YAML and YAML is a superset of JSON, this works. + nebulaConfig = pkgs.writeTextFile { name = "nebula-config.yml"; text = (builtins.toJSON mergedConfigSet); }; + + # The service needs to launch as root to access the tun device, if it's enabled. + serviceUser = if cfg.tun.disable then "nebula" else "root"; + serviceGroup = if cfg.tun.disable then "nebula" else "root"; + + in mkIf cfg.enable { + # Create systemd service for Nebula. + systemd.services.nebula = { + description = nebulaDesc; + after = [ "network.target" ]; + before = [ "sshd.service" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "simple"; + Restart = "always"; + User = serviceUser; + Group = serviceGroup; + ExecStart = "${cfg.package}/bin/nebula -config ${nebulaConfig}"; + }; + }; + + # Open the chosen port for UDP. + networking.firewall.allowedUDPPorts = [ cfg.listen.port ]; + + # Create the service user and its group. + users.users."nebula" = { + name = "nebula"; + group = "nebula"; + description = "Nebula service user"; + isSystemUser = true; + packages = [ cfg.package ]; + }; + users.groups."nebula" = {}; + }; +} From e8eaea9627ce92ae35b0696154f68e00cd14fa7a Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Tue, 9 Feb 2021 20:42:33 -0500 Subject: [PATCH 02/67] nixos/nebula: replace extraConfig option with a settings option --- nixos/modules/services/networking/nebula.nix | 61 +++++++++++++------- 1 file changed, 39 insertions(+), 22 deletions(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index 84eda281c854..888f9f96fbe6 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -7,6 +7,9 @@ let cfg = config.services.nebula; nebulaDesc = "Nebula VPN service"; + format = pkgs.formats.yaml {}; + configFile = format.generate "nebula-config.yml" cfg.settings; + in { # Interface @@ -115,10 +118,14 @@ in example = ''[ { port = "any"; proto = "any"; host = "any"; } ]''; }; - extraConfig = mkOption { - type = types.attrs; + settings = { + type = format.type; default = {}; - description = "Extra configuration added to the Nebula config file."; + description = '' + Nebula configuration. Refer to + + for details on supported values. + ''; example = literalExample '' { lighthouse.dns = { @@ -134,28 +141,38 @@ in config = let - # Convert the options to an attrset. - optionConfigSet = { - pki = { ca = cfg.ca; cert = cfg.cert; key = cfg.key; }; - static_host_map = cfg.staticHostMap; - lighthouse = { am_lighthouse = cfg.isLighthouse; hosts = cfg.lighthouses; }; - listen = { host = cfg.listen.host; port = cfg.listen.port; }; - punchy = { punch = cfg.punch; }; - tun = { disabled = cfg.tun.disable; dev = cfg.tun.device; }; - firewall = { inbound = cfg.firewall.inbound; outbound = cfg.firewall.outbound; }; - }; - - # Merge in the extraconfig attrset. - mergedConfigSet = lib.recursiveUpdate optionConfigSet cfg.extraConfig; - - # Dump the config to JSON. Because Nebula reads YAML and YAML is a superset of JSON, this works. - nebulaConfig = pkgs.writeTextFile { name = "nebula-config.yml"; text = (builtins.toJSON mergedConfigSet); }; - # The service needs to launch as root to access the tun device, if it's enabled. serviceUser = if cfg.tun.disable then "nebula" else "root"; serviceGroup = if cfg.tun.disable then "nebula" else "root"; - in mkIf cfg.enable { + services.nebula.settings = { + pki = { + ca = cfg.ca; + cert = cfg.cert; + key = cfg.key; + }; + static_host_map = cfg.staticHostMap; + lighthouse = { + am_lighthouse = cfg.isLighthouse; + hosts = cfg.lighthouses; + }; + listen = { + host = cfg.listen.host; + port = cfg.listen.port; + }; + punchy = { + punch = cfg.punch; + }; + tun = { + disabled = cfg.tun.disable; + dev = cfg.tun.device; + }; + firewall = { + inbound = cfg.firewall.inbound; + outbound = cfg.firewall.outbound; + }; + }; + # Create systemd service for Nebula. systemd.services.nebula = { description = nebulaDesc; @@ -167,7 +184,7 @@ in Restart = "always"; User = serviceUser; Group = serviceGroup; - ExecStart = "${cfg.package}/bin/nebula -config ${nebulaConfig}"; + ExecStart = "${cfg.package}/bin/nebula -config ${configFile}"; }; }; From b52a8f67dd0256fb3352121db544328dee84143c Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Tue, 9 Feb 2021 20:45:17 -0500 Subject: [PATCH 03/67] nixos/nebula: simply service user logic --- nixos/modules/services/networking/nebula.nix | 112 +++++++++---------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index 888f9f96fbe6..28504cded44c 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -139,66 +139,66 @@ in # Implementation - config = - let - # The service needs to launch as root to access the tun device, if it's enabled. - serviceUser = if cfg.tun.disable then "nebula" else "root"; - serviceGroup = if cfg.tun.disable then "nebula" else "root"; - in mkIf cfg.enable { - services.nebula.settings = { - pki = { - ca = cfg.ca; - cert = cfg.cert; - key = cfg.key; - }; - static_host_map = cfg.staticHostMap; - lighthouse = { - am_lighthouse = cfg.isLighthouse; - hosts = cfg.lighthouses; - }; - listen = { - host = cfg.listen.host; - port = cfg.listen.port; - }; - punchy = { - punch = cfg.punch; - }; - tun = { - disabled = cfg.tun.disable; - dev = cfg.tun.device; - }; - firewall = { - inbound = cfg.firewall.inbound; - outbound = cfg.firewall.outbound; - }; + config = mkIf cfg.enable { + services.nebula.settings = { + pki = { + ca = cfg.ca; + cert = cfg.cert; + key = cfg.key; }; + static_host_map = cfg.staticHostMap; + lighthouse = { + am_lighthouse = cfg.isLighthouse; + hosts = cfg.lighthouses; + }; + listen = { + host = cfg.listen.host; + port = cfg.listen.port; + }; + punchy = { + punch = cfg.punch; + }; + tun = { + disabled = cfg.tun.disable; + dev = cfg.tun.device; + }; + firewall = { + inbound = cfg.firewall.inbound; + outbound = cfg.firewall.outbound; + }; + }; - # Create systemd service for Nebula. - systemd.services.nebula = { - description = nebulaDesc; - after = [ "network.target" ]; - before = [ "sshd.service" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { + # Create systemd service for Nebula. + systemd.services.nebula = { + description = nebulaDesc; + after = [ "network.target" ]; + before = [ "sshd.service" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = mkMerge [ + { Type = "simple"; Restart = "always"; - User = serviceUser; - Group = serviceGroup; ExecStart = "${cfg.package}/bin/nebula -config ${configFile}"; - }; - }; - - # Open the chosen port for UDP. - networking.firewall.allowedUDPPorts = [ cfg.listen.port ]; - - # Create the service user and its group. - users.users."nebula" = { - name = "nebula"; - group = "nebula"; - description = "Nebula service user"; - isSystemUser = true; - packages = [ cfg.package ]; - }; - users.groups."nebula" = {}; + } + # The service needs to launch as root to access the tun device, if it's enabled. + (mkIf cfg.tun.disable { + User = "nebula"; + Group = "nebula"; + }) + ]; }; + + # Open the chosen port for UDP. + networking.firewall.allowedUDPPorts = [ cfg.listen.port ]; + + # Create the service user and its group. + users.users."nebula" = { + name = "nebula"; + group = "nebula"; + description = "Nebula service user"; + isSystemUser = true; + packages = [ cfg.package ]; + }; + users.groups."nebula" = {}; + }; } From 9f9e7c181c4aa3247b8b47febdd7f354ca492a0c Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Tue, 9 Feb 2021 20:48:23 -0500 Subject: [PATCH 04/67] nixos/nebula: conditionally provision the nebula user --- nixos/modules/services/networking/nebula.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index 28504cded44c..663accc7464a 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -192,13 +192,15 @@ in networking.firewall.allowedUDPPorts = [ cfg.listen.port ]; # Create the service user and its group. - users.users."nebula" = { - name = "nebula"; - group = "nebula"; - description = "Nebula service user"; - isSystemUser = true; - packages = [ cfg.package ]; + users = mkIf cfg.tun.disable { + users.nebula = { + group = "nebula"; + description = "Nebula service user"; + isSystemUser = true; + packages = [ cfg.package ]; + }; + + groups.nebula = {}; }; - users.groups."nebula" = {}; }; } From 9f1ebd0c104a6bf945989b675a06f673b81eff58 Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Sun, 28 Feb 2021 18:31:42 -0800 Subject: [PATCH 05/67] nixos/nebula: Refactor module to allow for multiple nebula services on the same machine --- nixos/modules/services/networking/nebula.nix | 353 ++++++++++--------- 1 file changed, 185 insertions(+), 168 deletions(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index 663accc7464a..31c3da024372 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -5,202 +5,219 @@ with lib; let cfg = config.services.nebula; - nebulaDesc = "Nebula VPN service"; format = pkgs.formats.yaml {}; - configFile = format.generate "nebula-config.yml" cfg.settings; + nameToId = netName: "nebula-${netName}"; in { # Interface - options.services.nebula = { - enable = mkEnableOption nebulaDesc; + options = { + services.nebula = { + networks = mkOption { + description = "Nebula network definitions."; + default = {}; + type = types.attrsOf (types.submodule { + options = { + package = mkOption { + type = types.package; + default = pkgs.nebula; + defaultText = "pkgs.nebula"; + description = "Nebula derivation to use."; + }; - package = mkOption { - type = types.package; - default = pkgs.nebula; - defaultText = "pkgs.nebula"; - description = "Nebula derivation to use."; - }; + ca = mkOption { + type = types.path; + description = "Path to the certificate authority certificate."; + example = "/etc/nebula/ca.crt"; + }; - ca = mkOption { - type = types.path; - description = "Path to the certificate authority certificate."; - example = "/etc/nebula/ca.crt"; - }; + cert = mkOption { + type = types.path; + description = "Path to the host certificate."; + example = "/etc/nebula/host.crt"; + }; - cert = mkOption { - type = types.path; - description = "Path to the host certificate."; - example = "/etc/nebula/host.crt"; - }; + key = mkOption { + type = types.path; + description = "Path to the host key."; + example = "/etc/nebula/host.key"; + }; - key = mkOption { - type = types.path; - description = "Path to the host key."; - example = "/etc/nebula/host.key"; - }; + staticHostMap = mkOption { + type = types.attrsOf (types.listOf (types.str)); + default = {}; + description = '' + The static host map defines a set of hosts with fixed IP addresses on the internet (or any network). + A host can have multiple fixed IP addresses defined here, and nebula will try each when establishing a tunnel. + ''; + example = literalExample '' + { "192.168.100.1" = [ "100.64.22.11:4242" ]; } + ''; + }; - staticHostMap = mkOption { - type = types.attrsOf (types.listOf (types.str)); - default = {}; - description = '' - The static host map defines a set of hosts with fixed IP addresses on the internet (or any network). - A host can have multiple fixed IP addresses defined here, and nebula will try each when establishing a tunnel. - ''; - example = literalExample '' - { "192.168.100.1" = [ "100.64.22.11:4242" ]; } - ''; - }; + isLighthouse = mkOption { + type = types.bool; + default = false; + description = "Whether this node is a lighthouse."; + }; - isLighthouse = mkOption { - type = types.bool; - default = false; - description = "Whether this node is a lighthouse."; - }; + lighthouses = mkOption { + type = types.listOf types.str; + default = []; + description = '' + List of IPs of lighthouse hosts this node should report to and query from. This should be empty on lighthouse + nodes. The IPs should be the lighthouse's Nebula IPs, not their external IPs. + ''; + example = ''[ "192.168.100.1" ]''; + }; - lighthouses = mkOption { - type = types.listOf types.str; - default = []; - description = '' - List of IPs of lighthouse hosts this node should report to and query from. This should be empty on lighthouse - nodes. The IPs should be the lighthouse's Nebula IPs, not their external IPs. - ''; - example = ''[ "192.168.100.1" ]''; - }; + listen.host = mkOption { + type = types.str; + default = "0.0.0.0"; + description = "IP address to listen on."; + }; - listen.host = mkOption { - type = types.str; - default = "0.0.0.0"; - description = "IP address to listen on."; - }; + listen.port = mkOption { + type = types.port; + default = 4242; + description = "Port number to listen on."; + }; - listen.port = mkOption { - type = types.port; - default = 4242; - description = "Port number to listen on."; - }; + punch = mkOption { + type = types.bool; + default = true; + description = '' + Continues to punch inbound/outbound at a regular interval to avoid expiration of firewall nat mappings. + ''; + }; - punch = mkOption { - type = types.bool; - default = true; - description = '' - Continues to punch inbound/outbound at a regular interval to avoid expiration of firewall nat mappings. - ''; - }; + tun.disable = mkOption { + type = types.bool; + default = false; + description = '' + When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root). + ''; + }; - tun.disable = mkOption { - type = types.bool; - default = false; - description = '' - When tun is disabled, a lighthouse can be started without a local tun interface (and therefore without root). - ''; - }; + tun.device = mkOption { + type = types.nullOr types.str; + default = null; + description = "Name of the tun device. Defaults to nebula.\${networkName}."; + }; - tun.device = mkOption { - type = types.str; - default = "nebula1"; - description = "Name of the tun device."; - }; + firewall.outbound = mkOption { + type = types.listOf types.attrs; + default = []; + description = "Firewall rules for outbound traffic."; + example = ''[ { port = "any"; proto = "any"; host = "any"; } ]''; + }; - firewall.outbound = mkOption { - type = types.listOf types.attrs; - default = []; - description = "Firewall rules for outbound traffic."; - example = ''[ { port = "any"; proto = "any"; host = "any"; } ]''; - }; + firewall.inbound = mkOption { + type = types.listOf types.attrs; + default = []; + description = "Firewall rules for inbound traffic."; + example = ''[ { port = "any"; proto = "any"; host = "any"; } ]''; + }; - firewall.inbound = mkOption { - type = types.listOf types.attrs; - default = []; - description = "Firewall rules for inbound traffic."; - example = ''[ { port = "any"; proto = "any"; host = "any"; } ]''; - }; - - settings = { - type = format.type; - default = {}; - description = '' - Nebula configuration. Refer to - - for details on supported values. - ''; - example = literalExample '' - { - lighthouse.dns = { - host = "0.0.0.0"; - port = 53; + settings = mkOption { + type = format.type; + default = {}; + description = '' + Nebula configuration. Refer to + + for details on supported values. + ''; + example = literalExample '' + { + lighthouse.dns = { + host = "0.0.0.0"; + port = 53; + }; + } + ''; + }; }; - } - ''; + }); + }; }; }; # Implementation - - config = mkIf cfg.enable { - services.nebula.settings = { - pki = { - ca = cfg.ca; - cert = cfg.cert; - key = cfg.key; - }; - static_host_map = cfg.staticHostMap; - lighthouse = { - am_lighthouse = cfg.isLighthouse; - hosts = cfg.lighthouses; - }; - listen = { - host = cfg.listen.host; - port = cfg.listen.port; - }; - punchy = { - punch = cfg.punch; - }; - tun = { - disabled = cfg.tun.disable; - dev = cfg.tun.device; - }; - firewall = { - inbound = cfg.firewall.inbound; - outbound = cfg.firewall.outbound; - }; - }; - - # Create systemd service for Nebula. - systemd.services.nebula = { - description = nebulaDesc; - after = [ "network.target" ]; - before = [ "sshd.service" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = mkMerge [ + config = mkIf (cfg.networks != {}) { + systemd.services = mkMerge (lib.mapAttrsToList (netName: netCfg: + let + networkId = nameToId netName; + settings = lib.recursiveUpdate { + pki = { + ca = netCfg.ca; + cert = netCfg.cert; + key = netCfg.key; + }; + static_host_map = netCfg.staticHostMap; + lighthouse = { + am_lighthouse = netCfg.isLighthouse; + hosts = netCfg.lighthouses; + }; + listen = { + host = netCfg.listen.host; + port = netCfg.listen.port; + }; + punchy = { + punch = netCfg.punch; + }; + tun = { + disabled = netCfg.tun.disable; + dev = if (netCfg.tun.device != null) then netCfg.tun.device else "nebula.${netName}"; + }; + firewall = { + inbound = netCfg.firewall.inbound; + outbound = netCfg.firewall.outbound; + }; + } netCfg.settings; + configFile = format.generate "nebula-config-${netName}.yml" settings; + in { - Type = "simple"; - Restart = "always"; - ExecStart = "${cfg.package}/bin/nebula -config ${configFile}"; - } - # The service needs to launch as root to access the tun device, if it's enabled. - (mkIf cfg.tun.disable { - User = "nebula"; - Group = "nebula"; - }) - ]; - }; + # Create systemd service for Nebula. + "nebula@${netName}" = { + description = "Nebula VPN service for ${netName}"; + after = [ "network.target" ]; + before = [ "sshd.service" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = mkMerge [ + { + Type = "simple"; + Restart = "always"; + ExecStart = "${netCfg.package}/bin/nebula -config ${configFile}"; + } + # The service needs to launch as root to access the tun device, if it's enabled. + (mkIf netCfg.tun.disable { + User = networkId; + Group = networkId; + }) + ]; + }; + }) cfg.networks); - # Open the chosen port for UDP. - networking.firewall.allowedUDPPorts = [ cfg.listen.port ]; + # Open the chosen ports for UDP. + networking.firewall.allowedUDPPorts = + lib.unique (lib.mapAttrsToList (netName: netCfg: netCfg.listen.port) cfg.networks); - # Create the service user and its group. - users = mkIf cfg.tun.disable { - users.nebula = { - group = "nebula"; - description = "Nebula service user"; - isSystemUser = true; - packages = [ cfg.package ]; - }; + # Create the service users and groups. + users.users = mkMerge (lib.mapAttrsToList (netName: netCfg: + mkIf netCfg.tun.disable { + ${nameToId netName} = { + group = nameToId netName; + description = "Nebula service user for network ${netName}"; + isSystemUser = true; + packages = [ netCfg.package ]; + }; + }) cfg.networks); - groups.nebula = {}; - }; + users.groups = mkMerge (lib.mapAttrsToList (netName: netCfg: + mkIf netCfg.tun.disable { + ${nameToId netName} = {}; + }) cfg.networks); }; -} +} \ No newline at end of file From 511465ade01d1a677d2ddc32b2fa62d1bc651271 Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Sun, 28 Feb 2021 18:35:16 -0800 Subject: [PATCH 06/67] nixos/nebula: Remove unnecessary package from service user --- nixos/modules/services/networking/nebula.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index 31c3da024372..b936b2a1cf38 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -211,7 +211,6 @@ in group = nameToId netName; description = "Nebula service user for network ${netName}"; isSystemUser = true; - packages = [ netCfg.package ]; }; }) cfg.networks); From 17430ea40a12de82bb846edd23901425c9b96c1a Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Mon, 1 Mar 2021 20:21:27 -0800 Subject: [PATCH 07/67] nixos/nebula: Remove default punch option in favor of setting it through the settings option --- nixos/modules/services/networking/nebula.nix | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index b936b2a1cf38..6402262b59cb 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -85,14 +85,6 @@ in description = "Port number to listen on."; }; - punch = mkOption { - type = types.bool; - default = true; - description = '' - Continues to punch inbound/outbound at a regular interval to avoid expiration of firewall nat mappings. - ''; - }; - tun.disable = mkOption { type = types.bool; default = false; @@ -164,9 +156,6 @@ in host = netCfg.listen.host; port = netCfg.listen.port; }; - punchy = { - punch = netCfg.punch; - }; tun = { disabled = netCfg.tun.disable; dev = if (netCfg.tun.device != null) then netCfg.tun.device else "nebula.${netName}"; From 9858cba4dcef4ef58edb8ab4e53c1e99b26b1295 Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Thu, 4 Mar 2021 21:03:17 -0800 Subject: [PATCH 08/67] nixos/nebula: Add nebula unit test --- nixos/tests/nebula.nix | 132 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 nixos/tests/nebula.nix diff --git a/nixos/tests/nebula.nix b/nixos/tests/nebula.nix new file mode 100644 index 000000000000..829c23524992 --- /dev/null +++ b/nixos/tests/nebula.nix @@ -0,0 +1,132 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: let + + # We'll need to be able to trade cert files between nodes via scp. + inherit (import ./ssh-keys.nix pkgs) + snakeOilPrivateKey snakeOilPublicKey; + + makeNebulaNode = { config, ... }: name: extraConfig: lib.mkMerge [ + { + # Expose nebula for doing cert signing. + environment.systemPackages = [ pkgs.nebula ]; + users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; + services.openssh.enable = true; + + services.nebula.networks.smoke = { + # Note that these paths won't exist when the machine is first booted. + ca = "/etc/nebula/ca.crt"; + cert = "/etc/nebula/${name}.crt"; + key = "/etc/nebula/${name}.key"; + listen = { host = "0.0.0.0"; port = 4242; }; + }; + } + extraConfig + ]; + +in +{ + name = "nebula"; + + nodes = { + + lighthouse = { ... } @ args: + makeNebulaNode args "lighthouse" { + networking.interfaces.eth1.ipv4.addresses = [{ + address = "192.168.1.1"; + prefixLength = 24; + }]; + + services.nebula.networks.smoke = { + isLighthouse = true; + firewall = { + outbound = [ { port = "any"; proto = "any"; host = "any"; } ]; + inbound = [ { port = "any"; proto = "any"; host = "any"; } ]; + }; + }; + }; + + node2 = { ... } @ args: + makeNebulaNode args "node2" { + networking.interfaces.eth1.ipv4.addresses = [{ + address = "192.168.1.2"; + prefixLength = 24; + }]; + + services.nebula.networks.smoke = { + staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; }; + isLighthouse = false; + lighthouses = [ "10.0.100.1" ]; + firewall = { + outbound = [ { port = "any"; proto = "any"; host = "any"; } ]; + inbound = [ { port = "any"; proto = "any"; host = "any"; } ]; + }; + }; + }; + + }; + + testScript = let + + setUpPrivateKey = name: '' + ${name}.succeed( + "mkdir -p /root/.ssh", + "chown 700 /root/.ssh", + "cat '${snakeOilPrivateKey}' > /root/.ssh/id_snakeoil", + "chown 600 /root/.ssh/id_snakeoil", + ) + ''; + + # From what I can tell, StrictHostKeyChecking=no is necessary for ssh to work between machines. + sshOpts = "-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -oIdentityFile=/root/.ssh/id_snakeoil"; + + restartAndCheckNebula = name: ip: '' + ${name}.systemctl("restart nebula@smoke.service") + ${name}.succeed("ping -c5 ${ip}") + ''; + + # Create a keypair on the client node, then use the public key to sign a cert on the lighthouse. + signKeysFor = name: ip: '' + lighthouse.wait_for_unit("sshd.service") + ${name}.wait_for_unit("sshd.service") + ${name}.succeed( + "mkdir -p /etc/nebula", + "nebula-cert keygen -out-key /etc/nebula/${name}.key -out-pub /etc/nebula/${name}.pub", + "scp ${sshOpts} /etc/nebula/${name}.pub 192.168.1.1:/tmp/${name}.pub", + ) + lighthouse.succeed( + 'nebula-cert sign -ca-crt /etc/nebula/ca.crt -ca-key /etc/nebula/ca.key -name "${name}" -groups "${name}" -ip "${ip}" -in-pub /tmp/${name}.pub -out-crt /tmp/${name}.crt', + ) + ${name}.succeed( + "scp ${sshOpts} 192.168.1.1:/tmp/${name}.crt /etc/nebula/${name}.crt", + "scp ${sshOpts} 192.168.1.1:/etc/nebula/ca.crt /etc/nebula/ca.crt", + ) + ''; + + in '' + start_all() + + # Create the certificate and sign the lighthouse's keys. + ${setUpPrivateKey "lighthouse"} + lighthouse.succeed( + "mkdir -p /etc/nebula", + 'nebula-cert ca -name "Smoke Test" -out-crt /etc/nebula/ca.crt -out-key /etc/nebula/ca.key', + 'nebula-cert sign -ca-crt /etc/nebula/ca.crt -ca-key /etc/nebula/ca.key -name "lighthouse" -groups "lighthouse" -ip "10.0.100.1/24" -out-crt /etc/nebula/lighthouse.crt -out-key /etc/nebula/lighthouse.key', + ) + + # Reboot the lighthouse and verify that the nebula service comes up on boot. + # Since rebooting takes a while, we'll just restart the service on the other nodes. + lighthouse.shutdown() + lighthouse.start() + lighthouse.wait_for_unit("nebula@smoke.service") + lighthouse.succeed("ping -c5 10.0.100.1") + + # Create keys on node2 and have the lighthouse sign them. + ${setUpPrivateKey "node2"} + ${signKeysFor "node2" "10.0.100.2/24"} + + # Reboot node2 and test that the nebula service comes up. + ${restartAndCheckNebula "node2" "10.0.100.2"} + + # Test that the node is now connected to the lighthouse. + node2.succeed("ping -c5 10.0.100.1") + ''; +}) \ No newline at end of file From e3f113abc2ea4108ce1d39f5332d16341e773c83 Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Thu, 4 Mar 2021 21:04:18 -0800 Subject: [PATCH 09/67] nixos/nebula: Update systemd service to be more like the source repo's --- nixos/modules/services/networking/nebula.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index 6402262b59cb..b4ae91e19d07 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -171,7 +171,8 @@ in # Create systemd service for Nebula. "nebula@${netName}" = { description = "Nebula VPN service for ${netName}"; - after = [ "network.target" ]; + wants = [ "basic.target" ]; + after = [ "basic.target" "network.target" ]; before = [ "sshd.service" ]; wantedBy = [ "multi-user.target" ]; serviceConfig = mkMerge [ From c8dcf63b4ea6f9ffc3f79cbd823bbb1c0956efbb Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Thu, 4 Mar 2021 21:28:25 -0800 Subject: [PATCH 10/67] nixos/nebula: Expand unit test to match source repo's smoke test --- nixos/tests/nebula.nix | 74 +++++++++++++++++++++++++++++++++++++++--- 1 file changed, 69 insertions(+), 5 deletions(-) diff --git a/nixos/tests/nebula.nix b/nixos/tests/nebula.nix index 829c23524992..c7d71c00f811 100644 --- a/nixos/tests/nebula.nix +++ b/nixos/tests/nebula.nix @@ -62,6 +62,42 @@ in }; }; + node3 = { ... } @ args: + makeNebulaNode args "node3" { + networking.interfaces.eth1.ipv4.addresses = [{ + address = "192.168.1.3"; + prefixLength = 24; + }]; + + services.nebula.networks.smoke = { + staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; }; + isLighthouse = false; + lighthouses = [ "10.0.100.1" ]; + firewall = { + outbound = [ { port = "any"; proto = "any"; host = "any"; } ]; + inbound = [ { port = "any"; proto = "any"; host = "lighthouse"; } ]; + }; + }; + }; + + node4 = { ... } @ args: + makeNebulaNode args "node4" { + networking.interfaces.eth1.ipv4.addresses = [{ + address = "192.168.1.4"; + prefixLength = 24; + }]; + + services.nebula.networks.smoke = { + staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; }; + isLighthouse = false; + lighthouses = [ "10.0.100.1" ]; + firewall = { + outbound = [ { port = "any"; proto = "any"; host = "lighthouse"; } ]; + inbound = [ { port = "any"; proto = "any"; host = "any"; } ]; + }; + }; + }; + }; testScript = let @@ -119,14 +155,42 @@ in lighthouse.wait_for_unit("nebula@smoke.service") lighthouse.succeed("ping -c5 10.0.100.1") - # Create keys on node2 and have the lighthouse sign them. + # Create keys for node2's nebula service and test that it comes up. ${setUpPrivateKey "node2"} ${signKeysFor "node2" "10.0.100.2/24"} - - # Reboot node2 and test that the nebula service comes up. ${restartAndCheckNebula "node2" "10.0.100.2"} - # Test that the node is now connected to the lighthouse. - node2.succeed("ping -c5 10.0.100.1") + # Create keys for node3's nebula service and test that it comes up. + ${setUpPrivateKey "node3"} + ${signKeysFor "node3" "10.0.100.3/24"} + ${restartAndCheckNebula "node3" "10.0.100.3"} + + # Create keys for node4's nebula service and test that it comes up. + ${setUpPrivateKey "node4"} + ${signKeysFor "node4" "10.0.100.4/24"} + ${restartAndCheckNebula "node4" "10.0.100.4"} + + # The lighthouse can ping node2 and node3 + lighthouse.succeed("ping -c3 10.0.100.2") + lighthouse.succeed("ping -c3 10.0.100.3") + + # node2 can ping the lighthouse, but not node3 because of its inbound firewall + node2.succeed("ping -c3 10.0.100.1") + node2.fail("ping -c3 10.0.100.3") + + # node3 can ping the lighthouse and node2 + node3.succeed("ping -c3 10.0.100.1") + node3.succeed("ping -c3 10.0.100.2") + + # node4 can ping the lighthouse but not node2 or node3 + node4.succeed("ping -c3 10.0.100.1") + node4.fail("ping -c3 10.0.100.2") + node4.fail("ping -c3 10.0.100.3") + + # node2 can ping node3 now that node3 pinged it first + node2.succeed("ping -c3 10.0.100.3") + # node4 can ping node2 if node2 pings it first + node2.succeed("ping -c3 10.0.100.4") + node4.succeed("ping -c3 10.0.100.2") ''; }) \ No newline at end of file From 10a6af2d610ce12e81f28e342a0dc7e104e8d28c Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Thu, 4 Mar 2021 21:28:58 -0800 Subject: [PATCH 11/67] nixos/nebula: Add nebula module and unit test to lists --- nixos/modules/module-list.nix | 1 + nixos/tests/all-tests.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index c7a8f6b2f7c3..cbceef1a5449 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -699,6 +699,7 @@ ./services/networking/nar-serve.nix ./services/networking/nat.nix ./services/networking/ndppd.nix + ./services/networking/nebula.nix ./services/networking/networkmanager.nix ./services/networking/nextdns.nix ./services/networking/nftables.nix diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 05fd5c4822a7..1227611a54d0 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -250,6 +250,7 @@ in nat.standalone = handleTest ./nat.nix { withFirewall = false; }; ncdns = handleTest ./ncdns.nix {}; ndppd = handleTest ./ndppd.nix {}; + nebula = handleTest ./nebula.nix {}; neo4j = handleTest ./neo4j.nix {}; netdata = handleTest ./netdata.nix {}; networking.networkd = handleTest ./networking.nix { networkd = true; }; From 002fe4f19dcf14993dd850be100865b63bc97b80 Mon Sep 17 00:00:00 2001 From: Tim Van Baak Date: Thu, 4 Mar 2021 21:39:04 -0800 Subject: [PATCH 12/67] nixos/nebula: Add final newline to module and test --- nixos/modules/services/networking/nebula.nix | 2 +- nixos/tests/nebula.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index b4ae91e19d07..db6c42868d5c 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -209,4 +209,4 @@ in ${nameToId netName} = {}; }) cfg.networks); }; -} \ No newline at end of file +} diff --git a/nixos/tests/nebula.nix b/nixos/tests/nebula.nix index c7d71c00f811..b341017295ee 100644 --- a/nixos/tests/nebula.nix +++ b/nixos/tests/nebula.nix @@ -193,4 +193,4 @@ in node2.succeed("ping -c3 10.0.100.4") node4.succeed("ping -c3 10.0.100.2") ''; -}) \ No newline at end of file +}) From d2275796d1f487ce8eeac1f159b8a28cf30a1730 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Thu, 1 Apr 2021 04:20:00 +0000 Subject: [PATCH 13/67] beluga: 2020-03-11 -> 1.0 --- pkgs/applications/science/logic/beluga/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/science/logic/beluga/default.nix b/pkgs/applications/science/logic/beluga/default.nix index 44478a032b38..66cfd306128b 100644 --- a/pkgs/applications/science/logic/beluga/default.nix +++ b/pkgs/applications/science/logic/beluga/default.nix @@ -1,14 +1,14 @@ { lib, fetchFromGitHub, ocamlPackages, rsync }: -ocamlPackages.buildDunePackage { +ocamlPackages.buildDunePackage rec { pname = "beluga"; - version = "unstable-2020-03-11"; + version = "1.0"; src = fetchFromGitHub { owner = "Beluga-lang"; repo = "Beluga"; - rev = "6133b2f572219333f304bb4f77c177592324c55b"; - sha256 = "0sy6mi50z3mvs5z7dx38piydapk89all81rh038x3559b5fsk68q"; + rev = "v${version}"; + sha256 = "1ziqjfv8jwidl8lj2mid2shhgqhv31dfh5wad2zxjpvf6038ahsw"; }; useDune2 = true; From 212adc0c99ba152053b61d8479b47a672ef0c6c8 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Thu, 1 Apr 2021 04:20:00 +0000 Subject: [PATCH 14/67] ocamlformat: 0.17.0 -> 0.18.0 https://github.com/ocaml-ppx/ocamlformat/releases/tag/0.18.0 --- .../tools/ocaml/ocamlformat/default.nix | 6 +++- .../tools/ocaml/ocamlformat/generic.nix | 28 +++++++++++++++---- 2 files changed, 27 insertions(+), 7 deletions(-) diff --git a/pkgs/development/tools/ocaml/ocamlformat/default.nix b/pkgs/development/tools/ocaml/ocamlformat/default.nix index c3b4182a0b51..4c8a4b9e9d0c 100644 --- a/pkgs/development/tools/ocaml/ocamlformat/default.nix +++ b/pkgs/development/tools/ocaml/ocamlformat/default.nix @@ -52,5 +52,9 @@ rec { version = "0.17.0"; }; - ocamlformat = ocamlformat_0_17_0; + ocamlformat_0_18_0 = mkOCamlformat { + version = "0.18.0"; + }; + + ocamlformat = ocamlformat_0_18_0; } diff --git a/pkgs/development/tools/ocaml/ocamlformat/generic.nix b/pkgs/development/tools/ocaml/ocamlformat/generic.nix index 69f26c5b8877..223ac39c6aa2 100644 --- a/pkgs/development/tools/ocaml/ocamlformat/generic.nix +++ b/pkgs/development/tools/ocaml/ocamlformat/generic.nix @@ -21,11 +21,10 @@ let src = "0.15.1" = "1x6fha495sgk4z05g0p0q3zfqm5l6xzmf6vjm9g9g7c820ym2q9a"; "0.16.0" = "1vwjvvwha0ljc014v8jp8snki5zsqxlwd7x0dl0rg2i9kcmwc4mr"; "0.17.0" = "0f1lxp697yq61z8gqxjjaqd2ns8fd1vjfggn55x0gh9dx098p138"; + "0.18.0" = "0571kzmb1h03qj74090n3mg8wfbh29qqrkdjkai6rnl5chll86lq"; }."${version}"; - } -; in - -let ocamlPackages = + }; + ocamlPackages = if lib.versionAtLeast version "0.14.3" then ocaml-ng.ocamlPackages else ocaml-ng.ocamlPackages_4_07 @@ -33,7 +32,7 @@ let ocamlPackages = with ocamlPackages; -buildDunePackage rec { +buildDunePackage { pname = "ocamlformat"; inherit src version; @@ -45,7 +44,24 @@ buildDunePackage rec { useDune2 = true; buildInputs = - if lib.versionAtLeast version "0.17.0" + if lib.versionAtLeast version "0.18.0" + then [ + base + cmdliner + fpath + odoc + re + stdio + uuseg + uutf + fix + menhir + dune-build-info + ocaml-version + # Changed since 0.16.0: + (ppxlib.override { version = "0.22.0"; }) + ] + else if lib.versionAtLeast version "0.17.0" then [ base cmdliner From 6401be45a936dfe23256dcd29547a76047f8c18b Mon Sep 17 00:00:00 2001 From: Jappie Klooster Date: Sat, 3 Apr 2021 10:07:54 -0400 Subject: [PATCH 15/67] maintainers: add jappie --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 89c506688a77..414e933ce8c2 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -4283,6 +4283,12 @@ githubId = 2588851; name = "Jan Solanti"; }; + jappie = { + email = "jappieklooster@hotmail.com"; + github = "jappeace"; + githubId = 3874017; + name = "Jappie Klooster"; + }; javaguirre = { email = "contacto@javaguirre.net"; github = "javaguirre"; From 93f9883a054b299400654adfa2851183f8648f00 Mon Sep 17 00:00:00 2001 From: Jappie Klooster Date: Fri, 2 Apr 2021 11:06:49 -0400 Subject: [PATCH 16/67] iodash: init at 0.1.7 IODash is required to build the latest version of ydotool. I'm sure as a library it has many other use cases. It seems to be a contender towards the well known boost library. This init points to a temporary fork which makes it build. The install directive was missing. I'm intending to upstream this change if I can. Or otherwise make this a permanent fork. Point iodash to the right version Add comment in iodash on repo change Fix undefined variable src Remove jappie from maintainer list Update pkgs/development/libraries/iodash/default.nix Co-authored-by: Sandro Update pkgs/development/libraries/iodash/default.nix Co-authored-by: Sandro Update pkgs/development/libraries/iodash/default.nix Co-authored-by: Sandro Fix dangling in Format patch for IODash --- .../0001-Add-cmake-install-directives.patch | 44 +++++++++++++++++++ pkgs/development/libraries/iodash/default.nix | 27 ++++++++++++ pkgs/top-level/all-packages.nix | 1 + 3 files changed, 72 insertions(+) create mode 100644 pkgs/development/libraries/iodash/0001-Add-cmake-install-directives.patch create mode 100644 pkgs/development/libraries/iodash/default.nix diff --git a/pkgs/development/libraries/iodash/0001-Add-cmake-install-directives.patch b/pkgs/development/libraries/iodash/0001-Add-cmake-install-directives.patch new file mode 100644 index 000000000000..1868a7419208 --- /dev/null +++ b/pkgs/development/libraries/iodash/0001-Add-cmake-install-directives.patch @@ -0,0 +1,44 @@ +From 89c7c160f897f64e17fb74efffccfd1fc16f8b7d Mon Sep 17 00:00:00 2001 +From: Jappie Klooster +Date: Fri, 2 Apr 2021 14:22:02 -0400 +Subject: [PATCH] Add cmake install directives. + +To make nix builds work, it expect a `make install` command to +be available. +Adding these directives seems to fix the build. + +If it's no trouble to you, please add them. + +Maybe don't need endian +--- + CMakeLists.txt | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 06e416f..8d6f489 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -6,6 +6,8 @@ set(CMAKE_CXX_STANDARD 17) + add_library(IODash INTERFACE) + target_include_directories(IODash INTERFACE .) + ++include(GNUInstallDirs) ++ + add_executable(IODash_Test test.cpp) + target_link_libraries(IODash_Test IODash) + +@@ -20,3 +22,11 @@ if (DEFINED BUILD_BENCHMARKS AND (${BUILD_BENCHMARKS})) + target_link_libraries(boost_Benchmark_HTTP boost_system pthread) + endif() + ++install(TARGETS IODash ++ LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}) ++install(FILES IODash.hpp ++ DESTINATION include/) ++ ++install(FILES ++ IODash/Buffer.hpp IODash/SocketAddress.hpp IODash/File.hpp IODash/Socket.hpp IODash/EventLoop.hpp IODash/Serial.hpp IODash/Timer.hpp ++ DESTINATION include/IODash) +-- +2.29.2 + diff --git a/pkgs/development/libraries/iodash/default.nix b/pkgs/development/libraries/iodash/default.nix new file mode 100644 index 000000000000..d8982f0f8c04 --- /dev/null +++ b/pkgs/development/libraries/iodash/default.nix @@ -0,0 +1,27 @@ +{ lib, stdenv, fetchFromGitHub, cmake, pkg-config }: + +stdenv.mkDerivation rec { + pname = "iodash"; + version = "0.1.7"; + + src = fetchFromGitHub { + owner = "YukiWorkshop"; + repo = "IODash"; + rev = "9dcb26621a9c17dbab704b5bab0c3a5fc72624cb"; + sha256 = "0db5y2206fwh3h1pzjm9hy3m76inm0xpm1c5gvrladz6hiqfp7bx"; + fetchSubmodules = true; + }; + # adds missing cmake install directives + # https://github.com/YukiWorkshop/IODash/pull/2 + patches = [ ./0001-Add-cmake-install-directives.patch]; + + nativeBuildInputs = [ cmake pkg-config ]; + + meta = with lib; { + homepage = "https://github.com/YukiWorkshop/IODash"; + description = "Lightweight C++ I/O library for POSIX operation systems"; + license = licenses.mit; + maintainers = with maintainers; [ jappie ]; + platforms = with platforms; linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 94b6a6444439..304f63fb70f1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6096,6 +6096,7 @@ in ispell = callPackage ../tools/text/ispell {}; + iodash = callPackage ../development/libraries/iodash { }; jumanpp = callPackage ../tools/text/jumanpp {}; jump = callPackage ../tools/system/jump {}; From c102db25e8178f80012d8d73032fa990047618a5 Mon Sep 17 00:00:00 2001 From: Jappie Klooster Date: Fri, 2 Apr 2021 14:11:51 -0400 Subject: [PATCH 17/67] cxxopts: 2.2.1 -> 2020-12-14 This upgrade is made intandum with upgrading ydotools. The only dependending package of this library at the moment. Changing to date notation because ydotool just specifies a specific commit, since no other library depends on this, I upgraded it to that exact same version. Fix cxxopts date formating Update pkgs/development/libraries/cxxopts/default.nix Co-authored-by: Sandro --- pkgs/development/libraries/cxxopts/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/cxxopts/default.nix b/pkgs/development/libraries/cxxopts/default.nix index ddbc845e3b49..1df570d7d290 100644 --- a/pkgs/development/libraries/cxxopts/default.nix +++ b/pkgs/development/libraries/cxxopts/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { name = "cxxopts"; - version = "2.2.1"; + version = "unstable-2020-12-14"; src = fetchFromGitHub { owner = "jarro2783"; repo = name; - rev = "v${version}"; - sha256 = "0d3y747lsh1wkalc39nxd088rbypxigm991lk3j91zpn56whrpha"; + rev = "2d8e17c4f88efce80e274cb03eeb902e055a91d3"; + sha256 = "0pwrac81zfqjs17g3hx8r3ds2xf04npb6mz111qjy4bx17314ib7"; }; buildInputs = lib.optional enableUnicodeHelp [ icu.dev ]; From c4606d16d4c893c8173016df7d1195207cedd877 Mon Sep 17 00:00:00 2001 From: Jappie Klooster Date: Fri, 2 Apr 2021 16:13:30 -0400 Subject: [PATCH 18/67] libevdevplus: 2019-10-01 -> 2021-04-02 This upgrade is made intandum with upgrading ydotools. ydotools is the only dependending package of this library at the moment. add coment in libevdeplus on repo change libevdevplus: Add patch missing cmake directives --- .../0001-Add-cmake-install-directives.patch | 41 +++++++++++++++++++ .../libraries/libevdevplus/default.nix | 10 +++-- 2 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 pkgs/development/libraries/libevdevplus/0001-Add-cmake-install-directives.patch diff --git a/pkgs/development/libraries/libevdevplus/0001-Add-cmake-install-directives.patch b/pkgs/development/libraries/libevdevplus/0001-Add-cmake-install-directives.patch new file mode 100644 index 000000000000..2635d6ab829e --- /dev/null +++ b/pkgs/development/libraries/libevdevplus/0001-Add-cmake-install-directives.patch @@ -0,0 +1,41 @@ +From 7f208aaf21aa468013fc41e67c32f6a6c8c08249 Mon Sep 17 00:00:00 2001 +From: Jappie Klooster +Date: Fri, 2 Apr 2021 16:01:05 -0400 +Subject: [PATCH] Add cmake install directives + +To make nix builds work, it expect a make install command to +be available. +Adding these directives seems to fix the build. + +If it's no trouble to you, please add them. +--- + CMakeLists.txt | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index f9db618..425d391 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -4,10 +4,17 @@ project(libevdevPlus) + set(SOURCE_FILES + evdevPlus.cpp evdevPlus.hpp CommonIncludes.hpp InputEvent.hpp Resource.cpp) + ++include(GNUInstallDirs) ++ + add_library(evdevPlus ${SOURCE_FILES}) + target_include_directories(evdevPlus PUBLIC .) + + add_executable(evdevPlus_test test.cpp) + target_link_libraries(evdevPlus_test evdevPlus) + +-configure_file(evdevPlus.pc.in evdevPlus.pc @ONLY) +\ No newline at end of file ++configure_file(evdevPlus.pc.in evdevPlus.pc @ONLY) ++ ++install(TARGETS evdevPlus ++ LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}) ++install(FILES evdevPlus.hpp CommonIncludes.hpp InputEvent.hpp ++ DESTINATION include/) +-- +2.29.2 + diff --git a/pkgs/development/libraries/libevdevplus/default.nix b/pkgs/development/libraries/libevdevplus/default.nix index 66c5f1b06964..11d644cd90df 100644 --- a/pkgs/development/libraries/libevdevplus/default.nix +++ b/pkgs/development/libraries/libevdevplus/default.nix @@ -2,13 +2,17 @@ stdenv.mkDerivation rec { pname = "libevdevplus"; - version = "unstable-2019-10-01"; + version = "unstable-2021-04-02"; + + # adds missing cmake install directives + # https://github.com/YukiWorkshop/libevdevPlus/pull/10 + patches = [ ./0001-Add-cmake-install-directives.patch]; src = fetchFromGitHub { owner = "YukiWorkshop"; repo = "libevdevPlus"; - rev = "e863df2ade43e2c7d7748cc33ca27fb3eed325ca"; - sha256 = "18z6pn4j7fhmwwh0q22ip5nn7sc1hfgwvkdzqhkja60i8cw2cvvj"; + rev = "b4d4b3143056424a3da9f0516ca02a47209ef757"; + sha256 = "09y65s16gch0w7fy1s9yjk9gz3bjzxix36h5wmwww6lkj2i1z3rj"; }; nativeBuildInputs = [ cmake pkg-config ]; From 584490f6809daa3d68c7200e95d9ebf714d60e0a Mon Sep 17 00:00:00 2001 From: Jappie Klooster Date: Fri, 2 Apr 2021 16:41:43 -0400 Subject: [PATCH 19/67] libinputplus: 2019-10-01 -> 2021-04-02 This upgrade is made intandum with upgrading ydotools. ydotools is the only dependending package of this library at the moment. fix spelling of Tomporarly readd rec block to libuintput Add patch for missing cmake directives --- .../0001-Add-cmake-install-directives.patch | 40 +++++++++++++++++++ .../libraries/libuinputplus/default.nix | 11 +++-- 2 files changed, 47 insertions(+), 4 deletions(-) create mode 100644 pkgs/development/libraries/libuinputplus/0001-Add-cmake-install-directives.patch diff --git a/pkgs/development/libraries/libuinputplus/0001-Add-cmake-install-directives.patch b/pkgs/development/libraries/libuinputplus/0001-Add-cmake-install-directives.patch new file mode 100644 index 000000000000..cd6f43d37705 --- /dev/null +++ b/pkgs/development/libraries/libuinputplus/0001-Add-cmake-install-directives.patch @@ -0,0 +1,40 @@ +From 265e406e254c8d84016b12b344d8df71d1765dd1 Mon Sep 17 00:00:00 2001 +From: Jappie Klooster +Date: Fri, 2 Apr 2021 16:33:18 -0400 +Subject: [PATCH] Add cmake install directives + +To make nix builds work, it expect a make install command to +be available. +Adding these directives seems to fix the build. + +If it's no trouble to you, please consider adding them. +--- + CMakeLists.txt | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index cbfc9c1..948c432 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -7,6 +7,8 @@ set(SOURCE_FILES + uInput.cpp uInputSetup.cpp uInputResource.cpp + uInput.hpp CommonIncludes.hpp uInputSetup.hpp) + ++include(GNUInstallDirs) ++ + add_library(uInputPlus ${SOURCE_FILES}) + target_include_directories(uInputPlus PUBLIC .) + +@@ -15,3 +17,9 @@ target_link_libraries(uInputPlus_test uInputPlus) + + configure_file(uInputPlus.pc.in uInputPlus.pc @ONLY) + ++ ++install(TARGETS uInputPlus ++ LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}) ++install(FILES uInput.hpp CommonIncludes.hpp uInputSetup.hpp ++ DESTINATION include/) ++ +-- +2.29.2 + diff --git a/pkgs/development/libraries/libuinputplus/default.nix b/pkgs/development/libraries/libuinputplus/default.nix index 9085b8610789..28110b577047 100644 --- a/pkgs/development/libraries/libuinputplus/default.nix +++ b/pkgs/development/libraries/libuinputplus/default.nix @@ -1,14 +1,17 @@ { lib, stdenv, fetchFromGitHub, cmake, pkg-config }: - stdenv.mkDerivation rec { pname = "libuinputplus"; - version = "2019-10-01"; + version = "2021-04-02"; + + # adds missing cmake install directives + # https://github.com/YukiWorkshop/libuInputPlus/pull/7 + patches = [ ./0001-Add-cmake-install-directives.patch]; src = fetchFromGitHub { owner = "YukiWorkshop"; repo = "libuInputPlus"; - rev = "962f180b4cc670e1f5cc73c2e4d5d196ae52d630"; - sha256 = "0jy5i7bmjad7hw1qcyjl4swqribp2027s9g3609zwj7lj8z5x0bg"; + rev = "f7f18eb339bba61a43f2cad481a9b1a453a66957"; + sha256 = "0sind2ghhy4h9kfkr5hsmhcq0di4ifwqyv4gac96rgj5mwvs33lp"; }; nativeBuildInputs = [ cmake pkg-config ]; From a0d817b48f151ef7877e921ed490771ae56bf283 Mon Sep 17 00:00:00 2001 From: Jappie Klooster Date: Fri, 2 Apr 2021 16:47:34 -0400 Subject: [PATCH 20/67] ydotool: 0.1.8 -> 2021-01-20 Upgrading ydotool gives two big features: 1. support for sleep, making it easier to combine with sway 2. recording support. Allowing you to record macros! This does however make the daemon a bit unstable, I had it crash on my when trying to type. However the daemon is optional, and this is an upstream issue. So I think it's a good change. Furthermore several libraries are upgraded with this change as well, they all seem to be used and maintained by the same authors. readd rec block to ydotool Update pkgs/tools/wayland/ydotool/default.nix Co-authored-by: Sandro Update pkgs/tools/wayland/ydotool/default.nix Co-authored-by: Sandro Update pkgs/tools/wayland/ydotool/default.nix Co-authored-by: Sandro --- pkgs/tools/wayland/ydotool/default.nix | 24 +++++--- .../wayland/ydotool/fixup-cmakelists.patch | 58 +++++++++++++++++++ 2 files changed, 74 insertions(+), 8 deletions(-) create mode 100644 pkgs/tools/wayland/ydotool/fixup-cmakelists.patch diff --git a/pkgs/tools/wayland/ydotool/default.nix b/pkgs/tools/wayland/ydotool/default.nix index 76ebd2250061..4a75eac8c574 100644 --- a/pkgs/tools/wayland/ydotool/default.nix +++ b/pkgs/tools/wayland/ydotool/default.nix @@ -1,26 +1,34 @@ -{ lib, stdenv, fetchFromGitHub, pkg-config, cmake, boost, libevdevplus, libuinputplus }: +{ lib, stdenv, fetchFromGitHub, pkg-config, cmake, boost, libevdevplus, libuinputplus, iodash, cxxopts}: stdenv.mkDerivation rec { pname = "ydotool"; - version = "0.1.8"; + version = "unstable-2021-01-20"; src = fetchFromGitHub { owner = "ReimuNotMoe"; repo = "ydotool"; - rev = "v${version}"; - sha256 = "0mx3636p0f8pznmwm4rlbwq7wrmjb2ygkf8b3a6ps96a7j1fw39l"; + rev = "b1d041f52f7bac364d6539b1251d29c3b77c0f37"; + sha256 = "1gzdbx6fv0dbcyia3yyzhv93az2gf90aszb9kcj5cnxywfpv9w9g"; }; - # disable static linking + # upstream decided to use a cpp package manager called cpm. + # we need to disable that because it wants networking, furthermore, + # it does some system folder creating which also needs to be disabled. + # Both changes are to respect the sandbox. + patches = [ ./fixup-cmakelists.patch ]; + + + # cxxopts is a header only library. + # See pull request: https://github.com/ReimuNotMoe/ydotool/pull/105 postPatch = '' substituteInPlace CMakeLists.txt --replace \ - "-static" \ - "" + "PUBLIC cxxopts" \ + "PUBLIC" ''; nativeBuildInputs = [ cmake pkg-config ]; buildInputs = [ - boost libevdevplus libuinputplus + boost libevdevplus libuinputplus iodash cxxopts ]; meta = with lib; { diff --git a/pkgs/tools/wayland/ydotool/fixup-cmakelists.patch b/pkgs/tools/wayland/ydotool/fixup-cmakelists.patch new file mode 100644 index 000000000000..965d5c38d83f --- /dev/null +++ b/pkgs/tools/wayland/ydotool/fixup-cmakelists.patch @@ -0,0 +1,58 @@ +From bb8bc44d22060cd1215712117cf30eae09f4f6ba Mon Sep 17 00:00:00 2001 +From: Jappie Klooster +Date: Fri, 2 Apr 2021 14:04:14 -0400 +Subject: [PATCH] Fixup cmaklists + +We remove cpm, which is a package manager for c++, +which requires networking, so it's better just deleted. + +Furthermore we delete the adddirectory statements. +These want to modify directories outside of the sandbox. +--- + CMakeLists.txt | 26 -------------------------- + 1 file changed, 26 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index b5e8789..b797538 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -13,30 +13,6 @@ endif() + + include(${CPM_DOWNLOAD_LOCATION}) + +-CPMAddPackage( +- NAME IODash +- GITHUB_REPOSITORY YukiWorkshop/IODash +- VERSION 0.1.0 +-) +- +-CPMAddPackage( +- NAME libevdevPlus +- GITHUB_REPOSITORY YukiWorkshop/libevdevPlus +- VERSION 0.2.1 +-) +- +-CPMAddPackage( +- NAME libuInputPlus +- GITHUB_REPOSITORY YukiWorkshop/libuInputPlus +- VERSION 0.2.1 +-) +- +-CPMAddPackage( +- NAME cxxopts +- GITHUB_REPOSITORY jarro2783/cxxopts +- VERSION 3.0.0 +- GIT_TAG 2d8e17c4f88efce80e274cb03eeb902e055a91d3 +-) + + set(SOURCE_FILES_LIBRARY + CommonIncludes.hpp +@@ -74,5 +50,3 @@ add_executable(ydotool ${SOURCE_FILES_CLIENT}) + target_link_libraries(ydotool ydotool_library dl pthread uInputPlus evdevPlus) + install(TARGETS ydotool DESTINATION ${CMAKE_INSTALL_BINDIR}) + +-add_subdirectory(Daemon) +-add_subdirectory(manpage) +-- +2.29.2 + From 427edc8b5a45fbf84d9fadc6bfee7b3fab6667dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eduardo=20S=C3=A1nchez=20Mu=C3=B1oz?= Date: Sat, 10 Apr 2021 18:25:08 +0200 Subject: [PATCH 21/67] kicad: include desktop, icon and mime files Fixes https://github.com/NixOS/nixpkgs/issues/106295. --- .../science/electronics/kicad/default.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkgs/applications/science/electronics/kicad/default.nix b/pkgs/applications/science/electronics/kicad/default.nix index b91b5ad14a9c..bf1ce9c542aa 100644 --- a/pkgs/applications/science/electronics/kicad/default.nix +++ b/pkgs/applications/science/electronics/kicad/default.nix @@ -216,6 +216,8 @@ stdenv.mkDerivation rec { in (concatStringsSep "\n" (flatten [ + "runHook preInstall" + (optionalString (withScripting) "buildPythonPath \"${base} $pythonPath\" \n") # wrap each of the directly usable tools @@ -227,10 +229,19 @@ stdenv.mkDerivation rec { # link in the CLI utils (map (util: "ln -s ${base}/bin/${util} $out/bin/${util}") utils) + + "runHook postInstall" ]) ) ; + postInstall = '' + mkdir -p $out/share + ln -s ${base}/share/applications $out/share/applications + ln -s ${base}/share/icons $out/share/icons + ln -s ${base}/share/mime $out/share/mime + ''; + # can't run this for each pname # stable and unstable are in the same versions.nix # and kicad-small reuses stable From b5c90bb4da054d5f2142d995813045be95d7ea30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eduardo=20S=C3=A1nchez=20Mu=C3=B1oz?= Date: Sat, 10 Apr 2021 20:39:02 +0200 Subject: [PATCH 22/67] kicad: fix license https://kicad.org/about/licenses/ --- pkgs/applications/science/electronics/kicad/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/science/electronics/kicad/default.nix b/pkgs/applications/science/electronics/kicad/default.nix index bf1ce9c542aa..76048733a6a3 100644 --- a/pkgs/applications/science/electronics/kicad/default.nix +++ b/pkgs/applications/science/electronics/kicad/default.nix @@ -259,7 +259,7 @@ stdenv.mkDerivation rec { KiCad is an open source software suite for Electronic Design Automation. The Programs handle Schematic Capture, and PCB Layout with Gerber output. ''; - license = lib.licenses.agpl3; + license = lib.licenses.gpl3Plus; # berce seems inactive... maintainers = with lib.maintainers; [ evils kiwi berce ]; # kicad is cross platform From 064e0af80b574bfe96540f17ddd35d6e0b1d5c71 Mon Sep 17 00:00:00 2001 From: Morgan Jones Date: Sat, 10 Apr 2021 16:38:44 -0600 Subject: [PATCH 23/67] nixos/nebula: Add enable option defaulting to true to Nebula networks --- nixos/modules/services/networking/nebula.nix | 25 +++++++++++------ nixos/tests/nebula.nix | 29 +++++++++++++++++++- 2 files changed, 44 insertions(+), 10 deletions(-) diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index db6c42868d5c..e7ebfe1b4db7 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -5,6 +5,7 @@ with lib; let cfg = config.services.nebula; + enabledNetworks = filterAttrs (n: v: v.enable) cfg.networks; format = pkgs.formats.yaml {}; @@ -20,6 +21,12 @@ in default = {}; type = types.attrsOf (types.submodule { options = { + enable = mkOption { + type = types.bool; + default = true; + description = "Enable or disable this network."; + }; + package = mkOption { type = types.package; default = pkgs.nebula; @@ -137,11 +144,11 @@ in }; # Implementation - config = mkIf (cfg.networks != {}) { - systemd.services = mkMerge (lib.mapAttrsToList (netName: netCfg: + config = mkIf (enabledNetworks != {}) { + systemd.services = mkMerge (mapAttrsToList (netName: netCfg: let networkId = nameToId netName; - settings = lib.recursiveUpdate { + settings = recursiveUpdate { pki = { ca = netCfg.ca; cert = netCfg.cert; @@ -188,25 +195,25 @@ in }) ]; }; - }) cfg.networks); + }) enabledNetworks); # Open the chosen ports for UDP. networking.firewall.allowedUDPPorts = - lib.unique (lib.mapAttrsToList (netName: netCfg: netCfg.listen.port) cfg.networks); + unique (mapAttrsToList (netName: netCfg: netCfg.listen.port) enabledNetworks); # Create the service users and groups. - users.users = mkMerge (lib.mapAttrsToList (netName: netCfg: + users.users = mkMerge (mapAttrsToList (netName: netCfg: mkIf netCfg.tun.disable { ${nameToId netName} = { group = nameToId netName; description = "Nebula service user for network ${netName}"; isSystemUser = true; }; - }) cfg.networks); + }) enabledNetworks); - users.groups = mkMerge (lib.mapAttrsToList (netName: netCfg: + users.groups = mkMerge (mapAttrsToList (netName: netCfg: mkIf netCfg.tun.disable { ${nameToId netName} = {}; - }) cfg.networks); + }) enabledNetworks); }; } diff --git a/nixos/tests/nebula.nix b/nixos/tests/nebula.nix index b341017295ee..372cfebdf801 100644 --- a/nixos/tests/nebula.nix +++ b/nixos/tests/nebula.nix @@ -88,6 +88,26 @@ in }]; services.nebula.networks.smoke = { + enable = true; + staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; }; + isLighthouse = false; + lighthouses = [ "10.0.100.1" ]; + firewall = { + outbound = [ { port = "any"; proto = "any"; host = "lighthouse"; } ]; + inbound = [ { port = "any"; proto = "any"; host = "any"; } ]; + }; + }; + }; + + node5 = { ... } @ args: + makeNebulaNode args "node5" { + networking.interfaces.eth1.ipv4.addresses = [{ + address = "192.168.1.5"; + prefixLength = 24; + }]; + + services.nebula.networks.smoke = { + enable = false; staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; }; isLighthouse = false; lighthouses = [ "10.0.100.1" ]; @@ -170,9 +190,16 @@ in ${signKeysFor "node4" "10.0.100.4/24"} ${restartAndCheckNebula "node4" "10.0.100.4"} - # The lighthouse can ping node2 and node3 + # Create keys for node4's nebula service and test that it does not come up. + ${setUpPrivateKey "node5"} + ${signKeysFor "node5" "10.0.100.5/24"} + node5.fail("systemctl status nebula@smoke.service") + node5.fail("ping -c5 10.0.100.5") + + # The lighthouse can ping node2 and node3 but not node5 lighthouse.succeed("ping -c3 10.0.100.2") lighthouse.succeed("ping -c3 10.0.100.3") + lighthouse.fail("ping -c3 10.0.100.5") # node2 can ping the lighthouse, but not node3 because of its inbound firewall node2.succeed("ping -c3 10.0.100.1") From c9911f91ae02473f4c4616ff2c69a14c8beb5b01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Domen=20Ko=C5=BEar?= Date: Mon, 19 Apr 2021 13:35:15 +0200 Subject: [PATCH 24/67] Add a warning comment on commits that violate https://github.com/NixOS/nixpkgs/issues/118661 --- .github/workflows/direct-push.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/direct-push.yml diff --git a/.github/workflows/direct-push.yml b/.github/workflows/direct-push.yml new file mode 100644 index 000000000000..db9da761760f --- /dev/null +++ b/.github/workflows/direct-push.yml @@ -0,0 +1,28 @@ +name: "Direct Push Warning" +on: + push: + branches: + - master + - release-** +jobs: + build: + runs-on: ubuntu-latest + env: + GITHUB_SHA: ${{ github.sha }} + GITHUB_REPOSITORY: ${{ github.repository }} + steps: + - name: Check if commit is a merge commit + id: ismerge + run: | + ISMERGE=$(curl -H 'Accept: application/vnd.github.groot-preview+json' -H "authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ env.GITHUB_REPOSITORY }}/commits/${{ env.GITHUB_SHA }}/pulls | jq -r '.[] | select(.merge_commit_sha == "${{ env.GITHUB_SHA }}") | any') + echo "::set-output name=ismerge::$ISMERGE" + - name: Warn if the commit was a direct push + if: steps.ismerge.outputs.ismerge != 'true' + uses: peter-evans/commit-comment@v1 + with: + body: | + @${{ github.actor }} pushed a commit directly to master/release branch + instead of going through a Pull Request. + + That's highly discouraged beyond the few exceptions listed + on https://github.com/NixOS/nixpkgs/issues/118661. From 932ffcd08d82b11a507c3a5d93f950f6036765c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Domen=20Ko=C5=BEar?= Date: Mon, 19 Apr 2021 14:06:54 +0200 Subject: [PATCH 25/67] Update .github/workflows/direct-push.yml Co-authored-by: Alyssa Ross --- .github/workflows/direct-push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/direct-push.yml b/.github/workflows/direct-push.yml index db9da761760f..554cffa3a998 100644 --- a/.github/workflows/direct-push.yml +++ b/.github/workflows/direct-push.yml @@ -21,7 +21,7 @@ jobs: uses: peter-evans/commit-comment@v1 with: body: | - @${{ github.actor }} pushed a commit directly to master/release branch + @${{ github.actor }}, you pushed a commit directly to master/release branch instead of going through a Pull Request. That's highly discouraged beyond the few exceptions listed From 9479e4f0a1eea2aece68587ab50969401b9ea6c6 Mon Sep 17 00:00:00 2001 From: Dmitry Bogatov Date: Tue, 20 Apr 2021 00:00:00 +0000 Subject: [PATCH 26/67] laminar: use more specific license (gpl3 -> gpl3Plus) --- .../tools/continuous-integration/laminar/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/tools/continuous-integration/laminar/default.nix b/pkgs/development/tools/continuous-integration/laminar/default.nix index 5b492ee67b31..8d06ff94a032 100644 --- a/pkgs/development/tools/continuous-integration/laminar/default.nix +++ b/pkgs/development/tools/continuous-integration/laminar/default.nix @@ -58,7 +58,7 @@ in stdenv.mkDerivation rec { meta = with lib; { description = "Lightweight and modular continuous integration service"; homepage = "https://laminar.ohwg.net"; - license = licenses.gpl3; + license = licenses.gpl3Plus; platforms = platforms.linux; maintainers = with maintainers; [ kaction maralorn ]; }; From 41f00c89185c1297f05c2fbcd25a0927f6c69f91 Mon Sep 17 00:00:00 2001 From: Antonio Yang Date: Mon, 19 Apr 2021 17:08:34 +0800 Subject: [PATCH 27/67] himalaya: init at 0.2.6 - make shell completion optional - specify security and libiconv for apple --- .../mailreaders/himalaya/default.nix | 54 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 4 ++ 2 files changed, 58 insertions(+) create mode 100644 pkgs/applications/networking/mailreaders/himalaya/default.nix diff --git a/pkgs/applications/networking/mailreaders/himalaya/default.nix b/pkgs/applications/networking/mailreaders/himalaya/default.nix new file mode 100644 index 000000000000..76f1e92d5f5b --- /dev/null +++ b/pkgs/applications/networking/mailreaders/himalaya/default.nix @@ -0,0 +1,54 @@ +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, openssl +, pkg-config +, installShellFiles +, enableCompletions ? stdenv.hostPlatform == stdenv.buildPlatform +, Security +, libiconv +}: +rustPlatform.buildRustPackage rec { + pname = "himalaya"; + version = "0.2.6"; + + src = fetchFromGitHub { + owner = "soywod"; + repo = pname; + rev = "v${version}"; + sha256 = "1fl3lingb4wdh6bz4calzbibixg44wnnwi1qh0js1ijp8b6ll560"; + }; + + cargoSha256 = "10p8di71w7hn36b1994wgk33fnj641lsp80zmccinlg5fiwyzncx"; + + nativeBuildInputs = [ ] + ++ lib.optionals (enableCompletions) [ installShellFiles ] + ++ lib.optionals (!stdenv.hostPlatform.isDarwin) [ pkg-config ]; + + buildInputs = + if stdenv.hostPlatform.isDarwin then [ + Security + libiconv + ] else [ + openssl + ]; + + # The completions are correctly installed, and there is issue that himalaya + # generate empty completion files without mail configure. + # This supposed to be fixed in 0.2.7 + postInstall = lib.optionalString enableCompletions '' + # Install shell function + installShellCompletion --cmd himalaya \ + --bash <($out/bin/himalaya completion bash) \ + --fish <($out/bin/himalaya completion fish) \ + --zsh <($out/bin/himalaya completion zsh) + ''; + + meta = with lib; { + description = "CLI email client written in Rust"; + homepage = "https://github.com/soywod/himalaya"; + license = licenses.bsd3; + maintainers = with maintainers; [ yanganto ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 039a95b6c0dc..9c0753a01e31 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23479,6 +23479,10 @@ in hexedit = callPackage ../applications/editors/hexedit { }; + himalaya = callPackage ../applications/networking/mailreaders/himalaya { + inherit (darwin.apple_sdk.frameworks) Security; + }; + hipchat = callPackage ../applications/networking/instant-messengers/hipchat { }; hivelytracker = callPackage ../applications/audio/hivelytracker { }; From 5a9dfb570a0fff580eefdf295aaf7e5a84ec9de1 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Tue, 20 Apr 2021 04:20:00 +0000 Subject: [PATCH 28/67] tflint: 0.26.0 -> 0.27.0 https://github.com/terraform-linters/tflint/releases/tag/v0.27.0 --- pkgs/development/tools/analysis/tflint/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/analysis/tflint/default.nix b/pkgs/development/tools/analysis/tflint/default.nix index c8ae231dea8d..d52ac500e80b 100644 --- a/pkgs/development/tools/analysis/tflint/default.nix +++ b/pkgs/development/tools/analysis/tflint/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "tflint"; - version = "0.26.0"; + version = "0.27.0"; src = fetchFromGitHub { owner = "terraform-linters"; repo = pname; rev = "v${version}"; - sha256 = "054g0lr0r1xzbss4b4j9ixkls9p1llmw61afib1381z4k0lvzgwn"; + sha256 = "1s49a3yihfkd8ib336a29ch53mpcyxzicglss7bqmqapv6zi37dg"; }; - vendorSha256 = "0j2avkhyq6vz6113lkf004d4hysygc6iw78v70z98s6m15mg9imn"; + vendorSha256 = "1w72n1sprwylaj96aj03h4qq43525q15iwb6vf23gf6913zhvqy3"; doCheck = false; From e69cbd222aa6c7722fd2ff7732a054fb8d5e4526 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Tue, 20 Apr 2021 04:20:00 +0000 Subject: [PATCH 29/67] nodejs-16_x: init at 16.0.0 https://github.com/nodejs/node/releases/tag/v16.0.0 --- pkgs/development/web/nodejs/v16.nix | 13 +++++++++++++ pkgs/top-level/all-packages.nix | 8 ++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 pkgs/development/web/nodejs/v16.nix diff --git a/pkgs/development/web/nodejs/v16.nix b/pkgs/development/web/nodejs/v16.nix new file mode 100644 index 000000000000..b114c65cd166 --- /dev/null +++ b/pkgs/development/web/nodejs/v16.nix @@ -0,0 +1,13 @@ +{ callPackage, openssl, python3, enableNpm ? true }: + +let + buildNodejs = callPackage ./nodejs.nix { + inherit openssl; + python = python3; + }; +in + buildNodejs { + inherit enableNpm; + version = "16.0.0"; + sha256 = "00mada0vvybizygwhzsq6gcz0m2k864lfiiqqlnw8gcc3q8r1js7"; + } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 90ab3ca2bc81..c3e38cf9431b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6181,9 +6181,13 @@ in nodejs-slim-15_x = callPackage ../development/web/nodejs/v15.nix { enableNpm = false; }; + nodejs-16_x = callPackage ../development/web/nodejs/v16.nix { }; + nodejs-slim-16_x = callPackage ../development/web/nodejs/v16.nix { + enableNpm = false; + }; # Update this when adding the newest nodejs major version! - nodejs_latest = nodejs-15_x; - nodejs-slim_latest = nodejs-slim-15_x; + nodejs_latest = nodejs-16_x; + nodejs-slim_latest = nodejs-slim-16_x; nodePackages_latest = dontRecurseIntoAttrs (callPackage ../development/node-packages/default.nix { nodejs = pkgs.nodejs_latest; From e80707d6ba677197257e9848cb18fee467daa075 Mon Sep 17 00:00:00 2001 From: marius david Date: Sun, 18 Apr 2021 01:04:00 +0200 Subject: [PATCH 30/67] simgear: 2020.3.6 -> 2020.3.8 --- pkgs/development/libraries/simgear/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/simgear/default.nix b/pkgs/development/libraries/simgear/default.nix index e67cb1736b75..b5df83a0b90c 100644 --- a/pkgs/development/libraries/simgear/default.nix +++ b/pkgs/development/libraries/simgear/default.nix @@ -1,10 +1,10 @@ { lib, stdenv, fetchurl, plib, freeglut, xorgproto, libX11, libXext, libXi , libICE, libSM, libXt, libXmu, libGLU, libGL, boost, zlib, libjpeg, freealut -, openscenegraph, openal, expat, cmake, apr +, openscenegraph, openal, expat, cmake, apr, xz , curl }: let - version = "2020.3.6"; + version = "2020.3.8"; shortVersion = builtins.substring 0 6 version; in stdenv.mkDerivation rec { @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://sourceforge/flightgear/release-${shortVersion}/${pname}-${version}.tar.bz2"; - sha256 = "sha256-7D7KRNIffgUr6vwbni1XwW+8GtXwM6vJZ7V6/QLDVmk="; + sha256 = "sha256-UXcWV9MPu7c+QlFjrhxtQ6ruAcxuKtewwphu4tt5dWc="; }; nativeBuildInputs = [ cmake ]; buildInputs = [ plib freeglut xorgproto libX11 libXext libXi libICE libSM libXt libXmu libGLU libGL boost zlib libjpeg freealut - openscenegraph openal expat apr curl ]; + openscenegraph openal expat apr curl xz ]; meta = with lib; { description = "Simulation construction toolkit"; From dba7df8e4fb83d8754fe48d7315111b3cbaa9fc9 Mon Sep 17 00:00:00 2001 From: marius david Date: Sun, 18 Apr 2021 01:04:38 +0200 Subject: [PATCH 31/67] flightgear: 2020.3.4 -> 2020.3.8 --- pkgs/games/flightgear/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/games/flightgear/default.nix b/pkgs/games/flightgear/default.nix index 62db756a4839..0996d4bd512b 100644 --- a/pkgs/games/flightgear/default.nix +++ b/pkgs/games/flightgear/default.nix @@ -6,15 +6,15 @@ }: let - version = "2020.3.4"; + version = "2020.3.8"; shortVersion = builtins.substring 0 6 version; data = stdenv.mkDerivation rec { pname = "flightgear-data"; inherit version; src = fetchurl { - url = "mirror://sourceforge/flightgear/release-${shortVersion}/FlightGear-${version}-data.tar.bz2"; - sha256 = "1cqikbqvidfaynml9bhqfr9yw5ga35gpqrbz62z94a1skdijkpkg"; + url = "mirror://sourceforge/flightgear/release-${shortVersion}/FlightGear-${version}-data.txz"; + sha256 = "sha256-/KFumHRkmRvsU/L1i11jG/KbqobnOEP7l4lyPMKHycA="; }; phases = [ "installPhase" ]; @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://sourceforge/flightgear/release-${shortVersion}/${pname}-${version}.tar.bz2"; - sha256 = "02d9h10p8hyn0a25csragj6pbwmrir1z8zb92023s9vi21j7bwy8"; + sha256 = "XXDqhZ9nR+FwQ3LauZe8iGxOjlyDXDrEtj61BQGVDYc="; }; # Of all the files in the source and data archives, there doesn't seem to be From 647960c60bfcefaf0b2199ab1a783a10298354c1 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Tue, 20 Apr 2021 08:53:31 +0200 Subject: [PATCH 32/67] cosign: 0.2.0 -> 0.3.0 Release notes: https://github.com/sigstore/cosign/releases/tag/v0.3.0 --- pkgs/tools/security/cosign/default.nix | 14 ++++++++++---- pkgs/top-level/all-packages.nix | 4 +++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/pkgs/tools/security/cosign/default.nix b/pkgs/tools/security/cosign/default.nix index c0ef3b7400a9..7b552316da3d 100644 --- a/pkgs/tools/security/cosign/default.nix +++ b/pkgs/tools/security/cosign/default.nix @@ -1,17 +1,23 @@ -{ lib, buildGoModule, fetchFromGitHub }: +{ stdenv, lib, buildGoModule, fetchFromGitHub, pcsclite, pkg-config, PCSC }: buildGoModule rec { pname = "cosign"; - version = "0.2.0"; + version = "0.3.0"; src = fetchFromGitHub { owner = "sigstore"; repo = pname; rev = "v${version}"; - sha256 = "1zwb2q62ngb2zh1hasvq7r7pmrjlpgfhs5raibbhkxbk5kayvmii"; + sha256 = "0hisjyn5z93w34gxvz1z0l74gmj8js5l3lbqhqz7pc0fra59lvx6"; }; - vendorSha256 = "0nwbjaps4z5fhiknbj9pybxb6kgwb1vf2qhy0mzpycprf04q6g0v"; + buildInputs = + lib.optional stdenv.isLinux (lib.getDev pcsclite) + ++ lib.optionals stdenv.isDarwin [ PCSC ]; + + nativeBuildInputs = [ pkg-config ]; + + vendorSha256 = "15163v484rv08rn439y38r9spyqn3lf4q4ly8xr18nnf4bs3h6y2"; subPackages = [ "cmd/cosign" ]; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 74aac662d8e1..4b1d54c43548 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1274,7 +1274,9 @@ in corsmisc = callPackage ../tools/security/corsmisc { }; - cosign = callPackage ../tools/security/cosign { }; + cosign = callPackage ../tools/security/cosign { + inherit (darwin.apple_sdk.frameworks) PCSC; + }; cozy = callPackage ../applications/audio/cozy-audiobooks { }; From b41e56b7513872bec52606304b76d81ac26be4a6 Mon Sep 17 00:00:00 2001 From: lunik1 Date: Tue, 20 Apr 2021 18:38:09 +0100 Subject: [PATCH 33/67] mpvScripts: use stdenvNoCC mpv lua scripts do not require a C compiler --- pkgs/applications/video/mpv/scripts/autoload.nix | 4 ++-- pkgs/applications/video/mpv/scripts/convert.nix | 4 ++-- pkgs/applications/video/mpv/scripts/mpvacious.nix | 4 ++-- pkgs/applications/video/mpv/scripts/simple-mpv-webui.nix | 4 ++-- pkgs/applications/video/mpv/scripts/sponsorblock.nix | 4 ++-- pkgs/applications/video/mpv/scripts/thumbnail.nix | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/pkgs/applications/video/mpv/scripts/autoload.nix b/pkgs/applications/video/mpv/scripts/autoload.nix index f64e702f21cf..1840040d8368 100644 --- a/pkgs/applications/video/mpv/scripts/autoload.nix +++ b/pkgs/applications/video/mpv/scripts/autoload.nix @@ -1,6 +1,6 @@ -{ stdenv, fetchurl, mpv-unwrapped, lib }: +{ stdenvNoCC, fetchurl, mpv-unwrapped, lib }: -stdenv.mkDerivation rec { +stdenvNoCC.mkDerivation rec { pname = "mpv-autoload"; version = mpv-unwrapped.version; src = "${mpv-unwrapped.src.outPath}/TOOLS/lua/autoload.lua"; diff --git a/pkgs/applications/video/mpv/scripts/convert.nix b/pkgs/applications/video/mpv/scripts/convert.nix index ce0695203328..935740db2764 100644 --- a/pkgs/applications/video/mpv/scripts/convert.nix +++ b/pkgs/applications/video/mpv/scripts/convert.nix @@ -1,7 +1,7 @@ -{ stdenv, fetchgit, lib +{ stdenvNoCC, fetchgit, lib , yad, mkvtoolnix-cli, libnotify }: -stdenv.mkDerivation { +stdenvNoCC.mkDerivation { pname = "mpv-convert-script"; version = "2016-03-18"; src = fetchgit { diff --git a/pkgs/applications/video/mpv/scripts/mpvacious.nix b/pkgs/applications/video/mpv/scripts/mpvacious.nix index 0995d976e60c..3225317d78bc 100644 --- a/pkgs/applications/video/mpv/scripts/mpvacious.nix +++ b/pkgs/applications/video/mpv/scripts/mpvacious.nix @@ -1,6 +1,6 @@ -{ lib, stdenv, fetchFromGitHub, curl, xclip }: +{ lib, stdenvNoCC, fetchFromGitHub, curl, xclip }: -stdenv.mkDerivation rec { +stdenvNoCC.mkDerivation rec { pname = "mpvacious"; version = "0.14"; diff --git a/pkgs/applications/video/mpv/scripts/simple-mpv-webui.nix b/pkgs/applications/video/mpv/scripts/simple-mpv-webui.nix index 0c0597d3afb2..99b731757ff9 100644 --- a/pkgs/applications/video/mpv/scripts/simple-mpv-webui.nix +++ b/pkgs/applications/video/mpv/scripts/simple-mpv-webui.nix @@ -1,6 +1,6 @@ -{ lib, stdenv +{ lib, stdenvNoCC , fetchFromGitHub }: -stdenv.mkDerivation rec { +stdenvNoCC.mkDerivation rec { pname = "simple-mpv-ui"; version = "1.0.0"; diff --git a/pkgs/applications/video/mpv/scripts/sponsorblock.nix b/pkgs/applications/video/mpv/scripts/sponsorblock.nix index 79ede806b0ca..5d33bfd92a48 100644 --- a/pkgs/applications/video/mpv/scripts/sponsorblock.nix +++ b/pkgs/applications/video/mpv/scripts/sponsorblock.nix @@ -1,7 +1,7 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch, python3 }: +{ lib, stdenvNoCC, fetchFromGitHub, fetchpatch, python3 }: # Usage: `pkgs.mpv.override { scripts = [ pkgs.mpvScripts.sponsorblock ]; }` -stdenv.mkDerivation { +stdenvNoCC.mkDerivation { pname = "mpv_sponsorblock"; version = "unstable-2020-07-05"; diff --git a/pkgs/applications/video/mpv/scripts/thumbnail.nix b/pkgs/applications/video/mpv/scripts/thumbnail.nix index cda15b2674c0..4bee220f4c98 100644 --- a/pkgs/applications/video/mpv/scripts/thumbnail.nix +++ b/pkgs/applications/video/mpv/scripts/thumbnail.nix @@ -1,6 +1,6 @@ -{ fetchFromGitHub, lib, python3, stdenv }: +{ fetchFromGitHub, lib, python3, stdenvNoCC }: -stdenv.mkDerivation rec { +stdenvNoCC.mkDerivation rec { pname = "mpv_thumbnail_script"; version = "unstable-2020-01-16"; From 9485531db962409f5053cc53c8c6731f2dc0d93a Mon Sep 17 00:00:00 2001 From: lunik1 Date: Tue, 20 Apr 2021 18:54:41 +0100 Subject: [PATCH 34/67] mpvScripts.autoload: remove unused dependency on fetchurl --- pkgs/applications/video/mpv/scripts/autoload.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/video/mpv/scripts/autoload.nix b/pkgs/applications/video/mpv/scripts/autoload.nix index 1840040d8368..8f09070c5f4f 100644 --- a/pkgs/applications/video/mpv/scripts/autoload.nix +++ b/pkgs/applications/video/mpv/scripts/autoload.nix @@ -1,4 +1,4 @@ -{ stdenvNoCC, fetchurl, mpv-unwrapped, lib }: +{ stdenvNoCC, mpv-unwrapped, lib }: stdenvNoCC.mkDerivation rec { pname = "mpv-autoload"; From eee5a743812fb824c517a3ec0efd62dc9ccfb288 Mon Sep 17 00:00:00 2001 From: lunik1 Date: Tue, 20 Apr 2021 18:58:09 +0100 Subject: [PATCH 35/67] mpvScripts.convert: set license to unfree The upstream gist has no license, to the license should be unfree as per CONTRIBUTING.md --- pkgs/applications/video/mpv/scripts/convert.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/video/mpv/scripts/convert.nix b/pkgs/applications/video/mpv/scripts/convert.nix index 935740db2764..b7d6ea88fe16 100644 --- a/pkgs/applications/video/mpv/scripts/convert.nix +++ b/pkgs/applications/video/mpv/scripts/convert.nix @@ -30,14 +30,15 @@ stdenvNoCC.mkDerivation { ''; passthru.scriptName = "convert_script.lua"; - meta = { + meta = with lib; { description = "Convert parts of a video while you are watching it in mpv"; homepage = "https://gist.github.com/Zehkul/25ea7ae77b30af959be0"; - maintainers = [ lib.maintainers.Profpatsch ]; + maintainers = [ maintainers.Profpatsch ]; longDescription = '' When this script is loaded into mpv, you can hit Alt+W to mark the beginning and Alt+W again to mark the end of the clip. Then a settings window opens. ''; + license = licenses.unfree; }; } From 2257eced8cad68844686b413dc8877d6507f4c96 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Tue, 20 Apr 2021 21:16:53 +0200 Subject: [PATCH 36/67] hfinger: 0.2.0 -> 0.2.1 --- pkgs/tools/security/hfinger/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/hfinger/default.nix b/pkgs/tools/security/hfinger/default.nix index 9e053276ecf7..8116c222d077 100644 --- a/pkgs/tools/security/hfinger/default.nix +++ b/pkgs/tools/security/hfinger/default.nix @@ -6,14 +6,14 @@ python3.pkgs.buildPythonApplication rec { pname = "hfinger"; - version = "0.2.0"; + version = "0.2.1"; disabled = python3.pythonOlder "3.3"; src = fetchFromGitHub { owner = "CERT-Polska"; repo = pname; rev = "v${version}"; - sha256 = "1vz8mf572qyng684fvb9gdwaaiybk7mjmikbymvjvy24d10raak1"; + sha256 = "sha256-QKnrprDDBq+D8N1brkqgcfK4E+6ssvgPtRaSxkF0C84="; }; propagatedBuildInputs = with python3.pkgs; [ From 78c1ab76d71c94656b66b970af6b4573ba6a423f Mon Sep 17 00:00:00 2001 From: Hunter Jones Date: Tue, 20 Apr 2021 14:25:40 -0500 Subject: [PATCH 37/67] websocat: 1.6.0 -> 1.8.0 --- pkgs/tools/misc/websocat/default.nix | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/pkgs/tools/misc/websocat/default.nix b/pkgs/tools/misc/websocat/default.nix index d5f09d9f9fa6..821c059a45f5 100644 --- a/pkgs/tools/misc/websocat/default.nix +++ b/pkgs/tools/misc/websocat/default.nix @@ -2,21 +2,24 @@ rustPlatform.buildRustPackage rec { pname = "websocat"; - version = "1.6.0"; + version = "1.8.0"; src = fetchFromGitHub { owner = "vi"; - repo = "websocat"; + repo = pname; rev = "v${version}"; - sha256 = "0iilq96bxcb2fsljvlgy47pg514w0jf72ckz39yy3k0gwc1yfcja"; + sha256 = "sha256-jwoWxK4phBqhIeo3+oRnpGsfvtn9gTR1ryd4N+0Lmbw="; }; cargoBuildFlags = [ "--features=ssl" ]; - cargoSha256 = "1hsms8rlnds8npr8m0dm21h04ci5ljda09pqb598v7ny3j2dldiq"; + cargoSha256 = "sha256-+3SG1maarY4DJ4+QiYGwltGLksOoOhKtcqstRwgzi2k="; nativeBuildInputs = [ pkg-config makeWrapper ]; buildInputs = [ openssl ] ++ lib.optional stdenv.isDarwin Security; + # Needed to get openssl-sys to use pkg-config. + OPENSSL_NO_VENDOR=1; + # The wrapping is required so that the "sh-c" option of websocat works even # if sh is not in the PATH (as can happen, for instance, when websocat is # started as a systemd service). @@ -26,8 +29,9 @@ rustPlatform.buildRustPackage rec { ''; meta = with lib; { - description = "Command-line client for WebSockets (like netcat/socat)"; homepage = "https://github.com/vi/websocat"; + description = "Command-line client for WebSockets (like netcat/socat)"; + changelog = "https://github.com/vi/websocat/releases/tag/v${version}"; license = licenses.mit; maintainers = with maintainers; [ thoughtpolice Br1ght0ne ]; }; From 2512e59befbfffee184422d62cd9e6be1cc20b65 Mon Sep 17 00:00:00 2001 From: Aksh Gupta Date: Wed, 21 Apr 2021 00:17:08 +0530 Subject: [PATCH 38/67] jql: init at 2.9.4 --- pkgs/development/tools/jql/default.nix | 22 ++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 24 insertions(+) create mode 100644 pkgs/development/tools/jql/default.nix diff --git a/pkgs/development/tools/jql/default.nix b/pkgs/development/tools/jql/default.nix new file mode 100644 index 000000000000..381a53f0f1e5 --- /dev/null +++ b/pkgs/development/tools/jql/default.nix @@ -0,0 +1,22 @@ +{ lib, fetchFromGitHub, rustPlatform }: + +rustPlatform.buildRustPackage rec { + pname = "jql"; + version = "2.9.4"; + + src = fetchFromGitHub { + owner = "yamafaktory"; + repo = pname; + rev = "v${version}"; + sha256 = "1rwnmp2rnzwc7anmk7nr8l4ncza8s1f8sn0r2la4ai2sx1iqn06h"; + }; + + cargoSha256 = "1c83mmdxci7l3c6ja5fhk4cak1gcbg0r0nlpbpims5gi16nf99r3"; + + meta = with lib; { + description = "A JSON Query Language CLI tool built with Rust"; + homepage = "https://github.com/yamafaktory/jql"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ akshgpt7 ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ad05948227ed..f1e27041fab5 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5743,6 +5743,8 @@ in jq = callPackage ../development/tools/jq { }; + jql = callPackage ../development/tools/jql { }; + jo = callPackage ../development/tools/jo { }; jrnl = python3Packages.callPackage ../applications/misc/jrnl { }; From 9c560ca9c043e647d90a9a65dd38b9303376c0ed Mon Sep 17 00:00:00 2001 From: Aksh Gupta Date: Wed, 21 Apr 2021 00:21:35 +0530 Subject: [PATCH 39/67] maintainers: add akshgpt7 --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index a4d4b1461688..e8b9a7aa0734 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -374,6 +374,12 @@ githubId = 786394; name = "Alexander Krupenkin "; }; + akshgpt7 = { + email = "akshgpt7@gmail.com"; + github = "akshgpt7"; + githubId = 20405311; + name = "Aksh Gupta"; + }; albakham = { email = "dev@geber.ga"; github = "albakham"; From ab7032446922199e05b07b6adb4c32b0e191be33 Mon Sep 17 00:00:00 2001 From: lunik1 Date: Tue, 20 Apr 2021 19:46:36 +0100 Subject: [PATCH 40/67] mpvScritps.convert: mark as broken See: #113202 --- pkgs/applications/video/mpv/scripts/convert.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/applications/video/mpv/scripts/convert.nix b/pkgs/applications/video/mpv/scripts/convert.nix index b7d6ea88fe16..2ff335b083a6 100644 --- a/pkgs/applications/video/mpv/scripts/convert.nix +++ b/pkgs/applications/video/mpv/scripts/convert.nix @@ -39,6 +39,8 @@ stdenvNoCC.mkDerivation { and Alt+W again to mark the end of the clip. Then a settings window opens. ''; license = licenses.unfree; + # script crashes mpv. See https://github.com/NixOS/nixpkgs/issues/113202 + broken = true; }; } From 783ffb27ce51b0b9192845607082f7b73c704901 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Tue, 20 Apr 2021 23:54:28 +0200 Subject: [PATCH 41/67] ldeep: 1.0.10 -> 1.0.11 --- pkgs/tools/security/ldeep/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/ldeep/default.nix b/pkgs/tools/security/ldeep/default.nix index db4d14ba3ed7..82d0456a05b7 100644 --- a/pkgs/tools/security/ldeep/default.nix +++ b/pkgs/tools/security/ldeep/default.nix @@ -10,11 +10,11 @@ buildPythonApplication rec { pname = "ldeep"; - version = "1.0.10"; + version = "1.0.11"; src = fetchPypi { inherit pname version; - sha256 = "sha256-/7mcmAj69NmuiK+xlQijAk39sMLDX8kHatmSI6XYbwE="; + sha256 = "sha256-MYVC8fxLW85n8uZVMhb2Zml1lQ8vW9gw/eRLcmemQx4="; }; propagatedBuildInputs = [ From da711cec8808a23bd406668d0aacaca9211ace64 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 21 Apr 2021 00:06:27 +0200 Subject: [PATCH 42/67] sish: init at 1.1.5 --- pkgs/tools/networking/sish/default.nix | 25 +++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 27 insertions(+) create mode 100644 pkgs/tools/networking/sish/default.nix diff --git a/pkgs/tools/networking/sish/default.nix b/pkgs/tools/networking/sish/default.nix new file mode 100644 index 000000000000..181582f5452f --- /dev/null +++ b/pkgs/tools/networking/sish/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "sish"; + version = "1.1.5"; + + src = fetchFromGitHub { + owner = "antoniomika"; + repo = pname; + rev = "v${version}"; + sha256 = "06ckgxhnijs7yrj0hhwh1vk2fvapwn6wb44w3g6qs6n6fmqh92mb"; + }; + + vendorSha256 = "0vfazbaiaqka5nd7imh5ls7k3asf1c17y081nzkban98svg3l3sj"; + + meta = with lib; { + description = "HTTP(S)/WS(S)/TCP Tunnels to localhost"; + homepage = "https://github.com/antoniomika/sish"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 74aac662d8e1..ebae13189467 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -25728,6 +25728,8 @@ in siproxd = callPackage ../applications/networking/siproxd { }; + sish = callPackage ../tools/networking/sish { }; + skypeforlinux = callPackage ../applications/networking/instant-messengers/skypeforlinux { }; skype4pidgin = callPackage ../applications/networking/instant-messengers/pidgin-plugins/skype4pidgin { }; From 3f2b84a75450f003538662587fa09c4e9a0dc9df Mon Sep 17 00:00:00 2001 From: mlvzk Date: Wed, 21 Apr 2021 03:08:54 +0200 Subject: [PATCH 43/67] manix: 0.6.2 -> 0.6.3 (#119912) Co-authored-by: Sandro --- pkgs/tools/nix/manix/default.nix | 10 +++++----- pkgs/top-level/all-packages.nix | 4 +++- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/pkgs/tools/nix/manix/default.nix b/pkgs/tools/nix/manix/default.nix index 6c9f02f0e4fd..768a283ebd26 100644 --- a/pkgs/tools/nix/manix/default.nix +++ b/pkgs/tools/nix/manix/default.nix @@ -1,19 +1,19 @@ -{ lib, stdenv, fetchFromGitHub, rustPlatform, darwin }: +{ lib, stdenv, fetchFromGitHub, rustPlatform, darwin, Security }: rustPlatform.buildRustPackage rec { pname = "manix"; - version = "0.6.2"; + version = "0.6.3"; src = fetchFromGitHub { owner = "mlvzk"; repo = pname; rev = "v${version}"; - sha256 = "0fv3sgzwjsgq2h1177r8r1cl5zrfja4ll801sd0bzj3nzmkyww7p"; + sha256 = "1b7xi8c2drbwzfz70czddc4j33s7g1alirv12dwl91hbqxifx8qs"; }; - buildInputs = lib.optional stdenv.isDarwin [ darwin.Security ]; + buildInputs = lib.optionals stdenv.isDarwin [ Security ]; - cargoSha256 = "0f2q3bj1cmpbma0fjhc2lc92j4al78fhrx3yc37kmbgzaza0yan5"; + cargoSha256 = "1yivx9vzk2fvncvlkwq5v11hb9llr1zlcmy69y12q6xnd9rd8x1b"; meta = with lib; { description = "A Fast Documentation Searcher for Nix"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1616f9070279..eda4ec637bd9 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6493,7 +6493,9 @@ in mandoc = callPackage ../tools/misc/mandoc { }; - manix = callPackage ../tools/nix/manix {}; + manix = callPackage ../tools/nix/manix { + inherit (darwin.apple_sdk.frameworks) Security; + }; marktext = callPackage ../applications/misc/marktext { }; From 431db0eaadde71a9804b5bfe4edcf635bb987332 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Tue, 20 Apr 2021 21:52:23 +0200 Subject: [PATCH 44/67] git-interactive-rebase-tool: 2.0.0 -> 2.1.0 --- .../git-interactive-rebase-tool/default.nix | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/git-interactive-rebase-tool/default.nix b/pkgs/applications/version-management/git-and-tools/git-interactive-rebase-tool/default.nix index f28d49702bce..be6e96fc8ff5 100644 --- a/pkgs/applications/version-management/git-and-tools/git-interactive-rebase-tool/default.nix +++ b/pkgs/applications/version-management/git-and-tools/git-interactive-rebase-tool/default.nix @@ -2,21 +2,28 @@ rustPlatform.buildRustPackage rec { pname = "git-interactive-rebase-tool"; - version = "2.0.0"; + version = "2.1.0"; src = fetchFromGitHub { owner = "MitMaro"; repo = pname; rev = version; - sha256 = "117zwxyq2vc33nbnfpjbdr5vc2l5ymf6ln1dm5551ha3y3gdq3bf"; + sha256 = "sha256-DYl/GUbeNtKmXoR3gq8mK8EfsZNVNlrdngAwfzG+epw="; }; - cargoSha256 = "051llwk9swq03xdqwyj0hlyv2ywq2f1cnks95nygyy393q7v930x"; + cargoSha256 = "sha256-1joMWPfn0s+pLsO6NHMT6AoXZ33R8MY2AWSrROY2mw8="; buildInputs = lib.optionals stdenv.isDarwin [ libiconv Security ]; - # external_editor::tests::* tests fail - doCheck = false; + checkFlags = [ + "--skip=external_editor::tests::edit_success" + "--skip=external_editor::tests::editor_non_zero_exit" + "--skip=external_editor::tests::empty_edit_abort_rebase" + "--skip=external_editor::tests::empty_edit_error" + "--skip=external_editor::tests::empty_edit_noop" + "--skip=external_editor::tests::empty_edit_re_edit_rebase_file" + "--skip=external_editor::tests::empty_edit_undo_and_edit" + ]; meta = with lib; { homepage = "https://github.com/MitMaro/git-interactive-rebase-tool"; From 5bc2962319ca6ccbd0033c95d3e00c9fde1b67ff Mon Sep 17 00:00:00 2001 From: SCOTT-HAMILTON Date: Wed, 21 Apr 2021 03:18:35 +0200 Subject: [PATCH 45/67] remake: 4.1 -> 4.3 (#119737) Co-authored-by: Sandro --- .../tools/build-managers/remake/default.nix | 29 ++++++++++++++----- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/pkgs/development/tools/build-managers/remake/default.nix b/pkgs/development/tools/build-managers/remake/default.nix index f61a7e774583..dc3920d17474 100644 --- a/pkgs/development/tools/build-managers/remake/default.nix +++ b/pkgs/development/tools/build-managers/remake/default.nix @@ -1,27 +1,40 @@ -{ lib, stdenv, fetchurl, readline }: +{ lib +, stdenv +, fetchurl +, pkg-config +, readline +, guileSupport ? false +, guile +}: stdenv.mkDerivation rec { pname = "remake"; - remakeVersion = "4.1"; - dbgVersion = "1.1"; + remakeVersion = "4.3"; + dbgVersion = "1.5"; version = "${remakeVersion}+dbg-${dbgVersion}"; src = fetchurl { - url = "mirror://sourceforge/project/bashdb/remake/${version}/remake-${remakeVersion}+dbg${dbgVersion}.tar.bz2"; - sha256 = "1zi16pl7sqn1aa8b7zqm9qnd9vjqyfywqm8s6iap4clf86l7kss2"; + url = "mirror://sourceforge/project/bashdb/remake/${version}/remake-${remakeVersion}+dbg-${dbgVersion}.tar.gz"; + sha256 = "0xlx2485y0israv2pfghmv74lxcv9i5y65agy69mif76yc4vfvif"; }; patches = [ ./glibc-2.27-glob.patch ]; - buildInputs = [ readline ]; + nativeBuildInputs = [ + pkg-config + ]; + buildInputs = [ readline ] + ++ lib.optionals guileSupport [ guile ]; + + # make check fails, see https://github.com/rocky/remake/issues/117 meta = { homepage = "http://bashdb.sourceforge.net/remake/"; - license = lib.licenses.gpl3; + license = lib.licenses.gpl3Plus; description = "GNU Make with comprehensible tracing and a debugger"; platforms = with lib.platforms; linux ++ darwin; - maintainers = with lib.maintainers; [ bjornfor ]; + maintainers = with lib.maintainers; [ bjornfor shamilton ]; }; } From f9f05c1e9273f223a6554731d06f6516d64da650 Mon Sep 17 00:00:00 2001 From: Taeer Bar-Yam Date: Tue, 20 Apr 2021 21:31:11 -0400 Subject: [PATCH 46/67] SDL2: fix cross-compile to windows (mingw) --- pkgs/development/libraries/SDL2/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/SDL2/default.nix b/pkgs/development/libraries/SDL2/default.nix index 92bd85b1e8c9..f70a46e2f8ed 100644 --- a/pkgs/development/libraries/SDL2/default.nix +++ b/pkgs/development/libraries/SDL2/default.nix @@ -2,7 +2,7 @@ , libGLSupported ? lib.elem stdenv.hostPlatform.system lib.platforms.mesaPlatforms , openglSupport ? libGLSupported, libGL , alsaSupport ? stdenv.isLinux && !stdenv.hostPlatform.isAndroid, alsaLib -, x11Support ? !stdenv.isCygwin && !stdenv.hostPlatform.isAndroid +, x11Support ? !stdenv.targetPlatform.isWindows && !stdenv.hostPlatform.isAndroid , libX11, xorgproto, libICE, libXi, libXScrnSaver, libXcursor , libXinerama, libXext, libXxf86vm, libXrandr , waylandSupport ? stdenv.isLinux && !stdenv.hostPlatform.isAndroid @@ -79,6 +79,7 @@ stdenv.mkDerivation rec { "--disable-oss" ] ++ optional (!x11Support) "--without-x" ++ optional alsaSupport "--with-alsa-prefix=${alsaLib.out}/lib" + ++ optional stdenv.targetPlatform.isWindows "--disable-video-opengles" ++ optional stdenv.isDarwin "--disable-sdltest"; # We remove libtool .la files when static libs are requested, From e322cff6ac4eff8c43f5a74ceb513625c0613e9d Mon Sep 17 00:00:00 2001 From: Zane van Iperen Date: Wed, 21 Apr 2021 10:40:21 +1000 Subject: [PATCH 47/67] maintainers: add zane --- maintainers/maintainer-list.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 66ba4f5edef7..c2df64df87d8 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -11292,6 +11292,16 @@ github = "pulsation"; githubId = 1838397; }; + zane = { + name = "Zane van Iperen"; + email = "zane@zanevaniperen.com"; + github = "vs49688"; + githubId = 4423262; + keys = [{ + longkeyid = "rsa4096/0x68616B2D8AC4DCC5"; + fingerprint = "61AE D40F 368B 6F26 9DAE 3892 6861 6B2D 8AC4 DCC5"; + }]; + }; zseri = { name = "zseri"; email = "zseri.devel@ytrizja.de"; From 951704afafdc2ccb1508718d02e2300ad7cf12ec Mon Sep 17 00:00:00 2001 From: Taeer Bar-Yam Date: Tue, 20 Apr 2021 22:27:09 -0400 Subject: [PATCH 48/67] libconfig: fix cross-compile to windows --- pkgs/development/libraries/libconfig/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/libconfig/default.nix b/pkgs/development/libraries/libconfig/default.nix index ae5f11764633..7387e9edc5b5 100644 --- a/pkgs/development/libraries/libconfig/default.nix +++ b/pkgs/development/libraries/libconfig/default.nix @@ -11,11 +11,13 @@ stdenv.mkDerivation rec { doCheck = true; + configureFlags = lib.optional stdenv.targetPlatform.isWindows "--disable-examples"; + meta = with lib; { homepage = "http://www.hyperrealm.com/libconfig"; description = "A simple library for processing structured configuration files"; license = licenses.lgpl3; maintainers = [ maintainers.goibhniu ]; - platforms = platforms.linux ++ platforms.darwin; + platforms = with platforms; linux ++ darwin ++ windows; }; } From 21ab9be498cd0205cc714f2d4c7fb6c5e419c727 Mon Sep 17 00:00:00 2001 From: Zane van Iperen Date: Wed, 21 Apr 2021 12:46:44 +1000 Subject: [PATCH 49/67] openrussian-cli: init at 1.0.0 --- pkgs/misc/openrussian-cli/default.nix | 61 +++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 63 insertions(+) create mode 100644 pkgs/misc/openrussian-cli/default.nix diff --git a/pkgs/misc/openrussian-cli/default.nix b/pkgs/misc/openrussian-cli/default.nix new file mode 100644 index 000000000000..ce9a9e49c4ca --- /dev/null +++ b/pkgs/misc/openrussian-cli/default.nix @@ -0,0 +1,61 @@ +{ stdenv, lib, fetchFromGitHub, gnumake, pkg-config, wget, unzip, gawk +, sqlite, which, luaPackages, installShellFiles, makeWrapper +}: +stdenv.mkDerivation rec { + pname = "openrussian-cli"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "rhaberkorn"; + repo = "openrussian-cli"; + rev = version; + sha256 = "1ria7s7dpqip2wdwn35wmkry84g8ghdqnxc9cbxzzq63vl6pgvcn"; + }; + + nativeBuildInputs = [ + gnumake pkg-config wget unzip gawk sqlite which installShellFiles makeWrapper + ]; + + buildInputs = with luaPackages; [ lua luasql-sqlite3 luautf8 ]; + + makeFlags = [ + "LUA=${luaPackages.lua}/bin/lua" + "LUAC=${luaPackages.lua}/bin/luac" + ]; + + dontConfigure = true; + + # Disable check as it's too slow. + # doCheck = true; + + #This is needed even though it's the default for some reason. + checkTarget = "check"; + + # Can't use "make install" here + installPhase = '' + runHook preInstall + + mkdir -p $out/bin $out/share/openrussian + cp openrussian-sqlite3.db $out/share/openrussian + cp openrussian $out/bin + + wrapProgram $out/bin/openrussian \ + --prefix LUA_PATH ';' "$LUA_PATH" \ + --prefix LUA_CPATH ';' "$LUA_CPATH" + + runHook postInstall + ''; + + postInstall = '' + installShellCompletion --cmd openrussian --bash ./openrussian-completion.bash + installManPage ./openrussian.1 + ''; + + meta = with lib; { + homepage = "https://github.com/rhaberkorn/openrussian-cli"; + description = "Offline Console Russian Dictionary (based on openrussian.org)"; + license = with licenses; [ gpl3Only mit cc-by-sa-40 ]; + maintainers = with maintainers; [ zane ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 90ab3ca2bc81..ee16baa8044a 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7156,6 +7156,8 @@ in openrgb = libsForQt5.callPackage ../applications/misc/openrgb { }; + openrussian-cli = callPackage ../misc/openrussian-cli { }; + opensc = callPackage ../tools/security/opensc { inherit (darwin.apple_sdk.frameworks) Carbon PCSC; }; From c15541a27c843da516baa058bc790240013c3bc0 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 21 Apr 2021 07:28:39 +0200 Subject: [PATCH 50/67] dropwatch. 1.5.1 -> 1.5.3 (#119989) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * dropwatch. 1.5.1 -> 1.5.3 https://github.com/nhorman/dropwatch/releases/tag/v1.5.2 https://github.com/nhorman/dropwatch/releases/tag/v1.5.3 Co-authored-by: Jörg Thalheim --- pkgs/os-specific/linux/dropwatch/default.nix | 39 ++++++++++++++------ 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/pkgs/os-specific/linux/dropwatch/default.nix b/pkgs/os-specific/linux/dropwatch/default.nix index 288dea85cc82..c2701c057193 100644 --- a/pkgs/os-specific/linux/dropwatch/default.nix +++ b/pkgs/os-specific/linux/dropwatch/default.nix @@ -1,30 +1,47 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config -, libnl, readline, libbfd, ncurses, zlib }: +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, pkg-config +, libbfd +, libnl +, libpcap +, ncurses +, readline +, zlib +}: stdenv.mkDerivation rec { pname = "dropwatch"; - version = "1.5.1"; + version = "1.5.3"; src = fetchFromGitHub { owner = "nhorman"; repo = pname; rev = "v${version}"; - sha256 = "1qmax0l7z1qik42c949fnvjh5r6awk4gpgzdsny8iwnmwzjyp8b8"; + sha256 = "0axx0zzrs7apqnl0r70jyvmgk7cs5wk185id479mapgngibwkyxy"; }; - nativeBuildInputs = [ autoreconfHook pkg-config ]; - buildInputs = [ libbfd libnl ncurses readline zlib ]; - - # To avoid running into https://sourceware.org/bugzilla/show_bug.cgi?id=14243 we need to define: - NIX_CFLAGS_COMPILE = "-DPACKAGE=${pname} -DPACKAGE_VERSION=${version}"; + nativeBuildInputs = [ + autoreconfHook + pkg-config + ]; + buildInputs = [ + libbfd + libnl + libpcap + ncurses + readline + zlib + ]; enableParallelBuilding = true; meta = with lib; { description = "Linux kernel dropped packet monitor"; homepage = "https://github.com/nhorman/dropwatch"; - license = licenses.gpl2; + license = licenses.gpl2Plus; platforms = platforms.linux; - maintainers = [ maintainers.c0bw3b ]; + maintainers = with maintainers; [ c0bw3b ]; }; } From b94923b0d93de70cd012138a76f1528038b5f8ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 21 Apr 2021 07:35:43 +0200 Subject: [PATCH 51/67] rubyPackages: update --- pkgs/top-level/ruby-packages.nix | 307 ++++++++++++++++--------------- 1 file changed, 163 insertions(+), 144 deletions(-) diff --git a/pkgs/top-level/ruby-packages.nix b/pkgs/top-level/ruby-packages.nix index 0866fcad4630..1d928ce05a93 100644 --- a/pkgs/top-level/ruby-packages.nix +++ b/pkgs/top-level/ruby-packages.nix @@ -5,10 +5,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0clfsmkdqviwrjdc0fjqx3qs7xkq06bdl24f2qdyk4p2f0aszdw9"; + sha256 = "0dr6w3h7i7xyqd04aw66x2ddm7xinvlw02pkk1sxczi8x21z16hf"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; actionmailbox = { dependencies = ["actionpack" "activejob" "activerecord" "activestorage" "activesupport" "mail"]; @@ -16,10 +16,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14qcia1l2yjga3azgc381mk75xrddspkpxxvswrr6rg9453i70wf"; + sha256 = "0w3cq2m1qbmxp7yv3qs82ffn9y46vq5q04vqwxak6ln0ki0v4hn4"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; actionmailer = { dependencies = ["actionpack" "actionview" "activejob" "activesupport" "mail" "rails-dom-testing"]; @@ -27,10 +27,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17cnw2pi5gbll6wqqmp40wdxbg3v0kz1jmfdbg7kwdk8b4mkfqmw"; + sha256 = "1wsa6kcgjx5am9hn44q2afg174m2gda4n8bfk5na17nj48s9g1ii"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; actionpack = { dependencies = ["actionview" "activesupport" "rack" "rack-test" "rails-dom-testing" "rails-html-sanitizer"]; @@ -38,10 +38,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mbmizxyl2k6z386zqvvzg3i8b91g7ag4hfjmm7fpbc8p6j4kjmb"; + sha256 = "0brr9kbmmc4fr2x8a7kj88yv8whfjfvalik3h82ypxlbg5b1c9iz"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; actiontext = { dependencies = ["actionpack" "activerecord" "activestorage" "activesupport" "nokogiri"]; @@ -49,10 +49,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19dgv0zcq7k0wps7gbaiprrardqm74ija9zjydkv93anqqfw3rwd"; + sha256 = "04f7x7ycg73zc2v3lhvrnl072f7nl0nhp0sspfa2sqq14v4akmmb"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; actionview = { dependencies = ["activesupport" "builder" "erubi" "rails-dom-testing" "rails-html-sanitizer"]; @@ -60,10 +60,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1d68p974w96b3mg8q45cmwy2629dl615fm9in56fgb0k7vcrpazk"; + sha256 = "0m009iki20hhwwj713bqdw57hmz650l7drfbajw32xn2qnawf294"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; activejob = { dependencies = ["activesupport" "globalid"]; @@ -71,10 +71,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0pkiy5jy5xjgh4diw5wyc72w1r9s07p1qp1kpwv50a5q1ca12aw0"; + sha256 = "0zjwcfr4qyff9ln4hhjb1csbjpvr3z4pdgvg8axvhcs86h4xpy2n"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; activemodel = { dependencies = ["activesupport"]; @@ -82,10 +82,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "019gwxrbki4fr3n2c6g7qyyjw94z5qxjwalh2n69hh1anpcbrd98"; + sha256 = "118slj94hif5g1maaijlxsywrq75h7qdz20bq62303pkrzabjaxm"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; activerecord = { dependencies = ["activemodel" "activesupport"]; @@ -93,21 +93,21 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ag8wpfayzbv8n9gf9ca2k8rm9yndsxybvf7jv451j9r822mxzm8"; + sha256 = "1jva5iqnjmj76mhhxcvx6xzda071cy80bhxn3r79f76pvgwwyymg"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; activestorage = { - dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mimemagic"]; + dependencies = ["actionpack" "activejob" "activerecord" "activesupport" "marcel" "mini_mime"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0kzslp0990fjyxvlsxb7kdysx28mc3zvay4q3zp2wbfnpl1ik41j"; + sha256 = "1800ski0619mzyk2p2xcmy4xlym18g3lbqw8wb3ss06jhvn5dl5p"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; activesupport = { dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo" "zeitwerk"]; @@ -115,10 +115,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pflc2fch1bbgzk1rqgj21l6mgx025l92kd9arxjls98nf5am44v"; + sha256 = "0l0khgrb7zn611xjnmygv5wdxh7wq645f613wldn5397q5w3l9lc"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; addressable = { dependencies = ["public_suffix"]; @@ -136,10 +136,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1l3468czzjmxl93ap40hp7z94yxp4nbag0bxqs789bm30md90m2a"; + sha256 = "04nc8x27hlzlrr5c2gn7mar4vdr0apw5xg22wp6m8dx3wqr04a0y"; type = "gem"; }; - version = "2.4.1"; + version = "2.4.2"; }; atk = { dependencies = ["glib2"]; @@ -167,10 +167,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14arh1ixfsd6j5md0agyzvksm5svfkvchb90fp32nn7y3avcmc2h"; + sha256 = "0vkq6c8y2jvaw03ynds5vjzl1v9wg608cimkd3bidzxc0jvk56z9"; type = "gem"; }; - version = "1.8.0"; + version = "1.9.2"; }; bacon = { groups = ["default"]; @@ -203,15 +203,15 @@ version = "11.1.3"; }; cairo = { - dependencies = ["native-package-installer" "pkg-config"]; + dependencies = ["native-package-installer" "pkg-config" "red-colors"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00hiy6anibkjq9w77hg0lpgnkkbcxrfbz8wxv44jfzqbab8910wb"; + sha256 = "0vbj9szp2xbnxqan8hppip8vm9fxpcmpx745y5fvg2scdh9f0p7s"; type = "gem"; }; - version = "1.16.6"; + version = "1.17.5"; }; cairo-gobject = { dependencies = ["cairo" "glib2"]; @@ -291,10 +291,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jvpxf32l5y2ayj0jp9mv9n7vn61zingzd0s5f7490n584lwmvmg"; + sha256 = "1y04ig8p9rparhff5dh3781pwf1xlirgq8p0fzvggjjpx761bvra"; type = "gem"; }; - version = "3.4.1"; + version = "3.4.2"; }; cocoapods = { dependencies = ["activesupport" "claide" "cocoapods-core" "cocoapods-deintegrate" "cocoapods-downloader" "cocoapods-plugins" "cocoapods-search" "cocoapods-stats" "cocoapods-trunk" "cocoapods-try" "colored" "escape" "fourflusher" "molinillo" "nap" "xcodeproj"]; @@ -354,10 +354,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1b91sfsriizsr08m1vn9j4sf9sb8vgsyr6xjnw18bpy66bpwsqca"; + sha256 = "0syya8l1kz36069y7cx4f37aihpmbm4yd5wvifs3j8qzz8bpxpfi"; type = "gem"; }; - version = "0.0.2"; + version = "0.0.3"; }; cocoapods-core = { dependencies = ["activesupport" "fuzzy_match" "nap"]; @@ -458,10 +458,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1pwzrwp3sys5ad23lc49r3ja2ijzhzjfrq4bbrpbz1x5z7jsa77v"; + sha256 = "0vpn0y2r91cv9kr2kh6rwh51ipi90iyjfya8ir9grxh1ngv179ck"; type = "gem"; }; - version = "2.2.0"; + version = "2.2.2"; }; cocoapods-git_url_rewriter = { groups = ["default"]; @@ -583,10 +583,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ln4kywj4bx32qyqvr0byi3g4fk8yj026n00xch782x0147f8lka"; + sha256 = "1z50v9y66kl0s9s84syd8vai77hhysdaymmgbdmpaq54bra6xk72"; type = "gem"; }; - version = "0.0.11"; + version = "0.2.0"; }; cocoapods-wholemodule = { groups = ["default"]; @@ -643,10 +643,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1vnxrbhi7cq3p4y2v9iwd10v1c7l15is4var14hwnb2jip4fyjzz"; + sha256 = "0mr23wq0szj52xnj0zcn1k0c7j4v79wlwbijkpfcscqww3l6jlg3"; type = "gem"; }; - version = "1.1.7"; + version = "1.1.8"; }; crass = { groups = ["default"]; @@ -745,10 +745,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0wi81lynfdvbwhrc4ws746g3j8761vian4m9gxamdj9rjwj9jhls"; + sha256 = "1bpdrsdqwv80qqc3f4xxzpii13lx9mlx3zay4bnmmscrx8c0p63z"; type = "gem"; }; - version = "1.3.4"; + version = "1.3.5"; }; domain_name = { dependencies = ["unf"]; @@ -808,10 +808,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0gggrgkcq839mamx7a8jbnp2h7x2ykfn34ixwskwb0lzx2ak17g9"; + sha256 = "1cql2cxl9bg8gbmmlzl4kvpq7y0gjldgarsnxq35vpd7ga3h54w2"; type = "gem"; }; - version = "0.12.0"; + version = "0.13.0"; }; eventmachine = { groups = ["default"]; @@ -828,41 +828,61 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16ij8617v3js03yj1zd32mmrf7kpi9l96bid5mpqk30c4mzai55r"; + sha256 = "0jn8s74nxsh0vmxv2fjrrrc3b2cgp8d267dyn206hbw5ki4pkd85"; type = "gem"; }; - version = "0.78.1"; + version = "0.80.1"; }; faraday = { - dependencies = ["faraday-net_http" "multipart-post" "ruby2_keywords"]; + dependencies = ["faraday-excon" "faraday-net_http" "faraday-net_http_persistent" "multipart-post" "ruby2_keywords"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hmssd8pj4n7yq4kz834ylkla8ryyvhaap6q9nzymp93m1xq21kz"; + sha256 = "0q646m07lfahakx5jdq77j004rcgfj6lkg13c0f84993gi78dhvi"; type = "gem"; }; - version = "1.3.0"; + version = "1.4.1"; + }; + faraday-excon = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0h09wkb0k0bhm6dqsd47ac601qiaah8qdzjh8gvxfd376x1chmdh"; + type = "gem"; + }; + version = "1.1.0"; }; faraday-net_http = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1kk5d1c5nxbmwawl5gcznwiscjz24nz3vdhxrlzvj7748c1qqr6d"; + sha256 = "1fi8sda5hc54v1w3mqfl5yz09nhx35kglyx72w7b8xxvdr0cwi9j"; type = "gem"; }; - version = "1.0.0"; + version = "1.0.1"; + }; + faraday-net_http_persistent = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0l2c835wl7gv34xp49fhd1bl4czkpw2g3ahqsak2251iqv5589ka"; + type = "gem"; + }; + version = "1.1.0"; }; ffi = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15hgiy09i8ywjihyzyvjvk42ivi3kmy6dm21s5sgg9j7y3h3zkkx"; + sha256 = "0nq1fb3vbfylccwba64zblxy96qznxbys5900wd7gm9bpplmf432"; type = "gem"; }; - version = "1.14.2"; + version = "1.15.0"; }; ffi-compiler = { dependencies = ["ffi" "rake"]; @@ -1143,10 +1163,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1kr0bx9323fv5ys6nlhsy05kmwcbs94h6ac7ka9qqywy0vbdvrrv"; + sha256 = "0g2fnag935zn2ggm5cn6k4s4xvv53v2givj1j90szmvavlpya96a"; type = "gem"; }; - version = "1.8.7"; + version = "1.8.10"; }; iconv = { groups = ["default"]; @@ -1174,10 +1194,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "02llgsg30jz9kpxs8jzv6rvzaylw7948xj2grp4vsfg54z20cwbm"; + sha256 = "1vz0vp5lbp1bz2samyn8nk49vyh6zhvcqz35faq4i3kgsd4xlnhp"; type = "gem"; }; - version = "2.10.1"; + version = "2.11.2"; }; jekyll = { dependencies = ["addressable" "colorator" "em-websocket" "i18n" "jekyll-sass-converter" "jekyll-watch" "kramdown" "kramdown-parser-gfm" "liquid" "mercenary" "pathutil" "rouge" "safe_yaml" "terminal-table"]; @@ -1247,10 +1267,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "14ynyq1q483spj20ffl4xayfqx1a8qr761mqjfxczf8lwlap392n"; + sha256 = "036i5fc09275ms49mw43mh4i9pwaap778ra2pmx06ipzyyjl6bfs"; type = "gem"; }; - version = "2.2.2"; + version = "2.2.3"; }; kramdown = { dependencies = ["rexml"]; @@ -1280,10 +1300,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nw1gscax8zsv1m682h9f8vys26385nrwpkbigiifs5bsz6272rk"; + sha256 = "0h2sc2la6dd808pfnd7vh66fqwc7xg3nd2jqr4pdqymxspk9zcsq"; type = "gem"; }; - version = "1.4.2"; + version = "1.4.3"; }; libv8 = { groups = ["default"]; @@ -1321,10 +1341,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06hkw6mssx39fg3jqyq57czr5acd11nqs5631k0xs50lr2y2pv8p"; + sha256 = "0h2v34xhi30w0d9gfzds2w6v89grq2gkpgvmdj9m8x1ld1845xnj"; type = "gem"; }; - version = "3.4.0"; + version = "3.5.1"; }; loofah = { dependencies = ["crass" "nokogiri"]; @@ -1332,10 +1352,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ndimir6k3kfrh8qrb7ir1j836l4r3qlwyclwjh88b86clblhszh"; + sha256 = "1w9mbii8515p28xd4k72f3ab2g6xiyq15497ys5r8jn6m355lgi7"; type = "gem"; }; - version = "2.8.0"; + version = "2.9.1"; }; mab = { groups = ["default"]; @@ -1370,15 +1390,14 @@ version = "2.7.1"; }; marcel = { - dependencies = ["mimemagic"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nxbjmcyg8vlw6zwagf17l9y2mwkagmmkg95xybpn4bmf3rfnksx"; + sha256 = "0bp001p687nsa4a8sp3q1iv8pfhs24w7s3avychjp64sdkg6jxq3"; type = "gem"; }; - version = "0.3.3"; + version = "1.0.1"; }; markaby = { dependencies = ["builder"]; @@ -1427,20 +1446,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ipjyfwn9nlvpcl8knq3jk4g5f12cflwdbaiqxcq1s7vwfwfxcag"; + sha256 = "1phcq7z0zpipwd7y4fbqmlaqghv07fjjgrx99mwq3z3n0yvy7fmi"; type = "gem"; }; - version = "3.2020.1104"; - }; - mimemagic = { - groups = ["default"]; - platforms = []; - source = { - remotes = ["https://rubygems.org"]; - sha256 = "1qfqb9w76kmpb48frbzbyvjc0dfxh5qiw1kxdbv2y2kp6fxpa1kf"; - type = "gem"; - }; - version = "0.3.5"; + version = "3.2021.0225"; }; mini_magick = { groups = ["default"]; @@ -1457,10 +1466,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1axm0rxyx3ss93wbmfkm78a6x03l8y4qy60rhkkiq0aza0vwq3ha"; + sha256 = "1np6srnyagghhh2w4nyv09sz47v0i6ri3q6blicj94vgxqp12c94"; type = "gem"; }; - version = "1.0.2"; + version = "1.0.3"; }; mini_portile2 = { groups = ["default"]; @@ -1477,10 +1486,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ipjhdw8ds6q9h7bs3iw28bjrwkwp215hr4l3xf6215fsl80ky5j"; + sha256 = "19z7wkhg59y8abginfrm2wzplz7py3va8fyngiigngqvsws6cwgl"; type = "gem"; }; - version = "5.14.3"; + version = "5.14.4"; }; molinillo = { groups = ["default"]; @@ -1497,10 +1506,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lva6bkvb4mfa0m3bqn4lm4s4gi81c40jvdcsrxr6vng49q9daih"; + sha256 = "06iajjyhx0rvpn4yr3h1hc4w4w3k59bdmfhxnjzzh76wsrdxxrc6"; type = "gem"; }; - version = "1.3.3"; + version = "1.4.2"; }; multi_json = { groups = ["default"]; @@ -1568,10 +1577,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0piclgf6pw7hr10x57x0hn675djyna4sb3xc97yb9vh66wkx1fl0"; + sha256 = "1ww1mq41q7rda975byjmq5dk8k13v8dawvm33370pbkrymd8syp8"; type = "gem"; }; - version = "1.0.9"; + version = "1.1.1"; }; ncursesw = { groups = ["default"]; @@ -1619,10 +1628,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1cbwp1kbv6b2qfxv8sarv0d0ilb257jihlvdqj8f5pdm0ksq1sgk"; + sha256 = "00fwz0qq7agd2xkdz02i8li236qvwhma3p0jdn5bdvc21b7ydzd5"; type = "gem"; }; - version = "2.5.4"; + version = "2.5.7"; }; nokogiri = { dependencies = ["mini_portile2" "racc"]; @@ -1630,10 +1639,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ajwkqr28hwqbyl1l3czx4a34c88acxywyqp8cjyy0zgsd6sbhj2"; + sha256 = "19d78mdg2lbz9jb4ph6nk783c9jbsdm8rnllwhga6pd53xffp6x0"; type = "gem"; }; - version = "1.11.1"; + version = "1.11.3"; }; opus-ruby = { dependencies = ["ffi"]; @@ -1663,10 +1672,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zlk3bksiwrdvb7j0r5av7w280kigl7947wa7w4kbwqz3snaxl3m"; + sha256 = "0m2acfd6l6k9xvqxvwivcnwji9974ac7498znydxh69z1x3rr8nm"; type = "gem"; }; - version = "4.4.0"; + version = "4.4.1"; }; pango = { dependencies = ["cairo-gobject" "gobject-introspection"]; @@ -1695,10 +1704,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jixakyzmy0j5c1rb0fjrrdhgnyryvrr6vgcybs14jfw09akv5ml"; + sha256 = "04ri489irbbx6sbkclpgri7j7p99v2qib5g2i70xx5fay12ilny8"; type = "gem"; }; - version = "3.0.0.0"; + version = "3.0.1.0"; }; pathutil = { dependencies = ["forwardable-extended"]; @@ -1746,10 +1755,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "068sf963n2zk47kqcckj624g5pxmk68mm76h02piphfyh9x4zmi3"; + sha256 = "1mjjy1grxr64znkffxsvprcckbrrnm40b6gbllnbm7jxslbr3gjl"; type = "gem"; }; - version = "1.4.4"; + version = "1.4.6"; }; polyglot = { groups = ["default"]; @@ -1767,10 +1776,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0iyw4q4an2wmk8v5rn2ghfy2jaz9vmw2nk8415nnpx2s866934qk"; + sha256 = "0m445x8fwcjdyv2bc0glzss2nbm1ll51bq45knixapc7cl3dzdlr"; type = "gem"; }; - version = "0.13.1"; + version = "0.14.1"; }; pry-byebug = { dependencies = ["byebug" "pry"]; @@ -1778,10 +1787,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "096y5vmzpyy4x9h4ky4cs4y7d19vdq9vbwwrqafbh5gagzwhifiv"; + sha256 = "07cv2hddswb334777pjgc9avxn0x9qhrdr191g7windvnjk3scvg"; type = "gem"; }; - version = "3.9.0"; + version = "3.8.0"; }; pry-doc = { dependencies = ["pry" "yard"]; @@ -1810,10 +1819,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13640p5fk19705ygp8j6p07lccag3d80bx8bmjgpd5zsxxsdc50b"; + sha256 = "0wiprd0v4mjqv5p1vqaidr9ci2xm08lcxdz1k50mb1b6nrw6r74k"; type = "gem"; }; - version = "5.1.1"; + version = "5.2.2"; }; racc = { groups = ["default"]; @@ -1896,10 +1905,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "179r2qymrh16ih5x563wqv3zpka9fvby5czqf47d24zm7zw1bwla"; + sha256 = "1m3ckisji9n3li2700jpkyncsrh5b2z20zb0b4jl5x16cwsymr7b"; type = "gem"; }; - version = "6.1.0"; + version = "6.1.3.1"; }; rainbow = { groups = ["default"]; @@ -1968,10 +1977,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16q71cc9wx342c697q18pkz19ym4ncjd97hcw4v6f1mgflkdv400"; + sha256 = "13za43xb5xfg1xb1vwlvwx14jlmnk7jal5dqw8q9a5g13csx41sw"; type = "gem"; }; - version = "1.2.0"; + version = "1.4.0"; + }; + red-colors = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "0ar2k7zvhr1215jx5di29hkg5h1798f1gypmq6v0sy9v35w6ijca"; + type = "gem"; + }; + version = "0.1.1"; }; redcarpet = { groups = ["default"]; @@ -2020,10 +2039,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zm86k9q8m5jkcnpb1f93wsvc57saldfj8czxkx1aw031i95inip"; + sha256 = "0vg7imjnfcqjx7kw94ccj5r78j4g190cqzi1i59sh4a0l940b9cr"; type = "gem"; }; - version = "2.0.3"; + version = "2.1.1"; }; rest-client = { dependencies = ["http-accept" "http-cookie" "mime-types" "netrc"]; @@ -2041,20 +2060,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mkvkcw9fhpaizrhca0pdgjcrbns48rlz4g6lavl5gjjq3rk2sq3"; + sha256 = "08ximcyfjy94pm1rhcx04ny1vx2sk0x4y185gzn86yfsbzwkng53"; type = "gem"; }; - version = "3.2.4"; + version = "3.2.5"; }; rmagick = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ajn6aisf9hh3x5zrs7n02pg5xy3m8x38gh9cn7b3klzgp3djla5"; + sha256 = "04ahv5gwfwdmwx6b7c0z91rrsfklvnqichgnqk1f9b9n6md3b8yw"; type = "gem"; }; - version = "4.1.2"; + version = "4.2.2"; }; rouge = { groups = ["default"]; @@ -2115,20 +2134,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1x4aks5qq489iikb4ir11ppy1dg83l4dw3s34jlwvc90mj2fjrql"; + sha256 = "1d13g6kipqqc9lmwz5b244pdwc97z15vcbnbq6n9rlf32bipdz4k"; type = "gem"; }; - version = "3.10.1"; + version = "3.10.2"; }; rspec-support = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lw9qdrff4dfdz62ww8cmv33rddmadr92k2lrvc042aajvk6x886"; + sha256 = "15j52parvb8cgvl6s0pbxi2ywxrv6x0764g222kz5flz0s4mycbl"; type = "gem"; }; - version = "3.10.1"; + version = "3.10.2"; }; rubocop = { dependencies = ["parallel" "parser" "rainbow" "regexp_parser" "rexml" "rubocop-ast" "ruby-progressbar" "unicode-display_width"]; @@ -2136,10 +2155,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "12kkyzyzh30mi9xs52lc1pjki1al4x9acdaikj40wslhpwp1ng1l"; + sha256 = "0cgrj670wrdw202pddiawcx2jbkcp7ja8zbc646by7nrg9ax492d"; type = "gem"; }; - version = "1.7.0"; + version = "1.13.0"; }; rubocop-ast = { dependencies = ["parser"]; @@ -2147,10 +2166,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qvfp567aprjgcwj757p55ynj0dx2b3c3hd76za9z3c43sphprcj"; + sha256 = "0gkf1p8yal38nlvdb39qaiy0gr85fxfr09j5dxh8qvrgpncpnk78"; type = "gem"; }; - version = "1.4.0"; + version = "1.4.1"; }; rubocop-performance = { dependencies = ["rubocop" "rubocop-ast"]; @@ -2158,10 +2177,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "01aahh54r9mwhdj7v2s6kmkdm1k1n1z27dlknlbgm281ny1aswrk"; + sha256 = "07c3kymvsid9aajwmmwr3n6apxgyjcbzbl2n6r5lpzkyz28jqn15"; type = "gem"; }; - version = "1.9.2"; + version = "1.10.2"; }; ruby-graphviz = { dependencies = ["rexml"]; @@ -2220,20 +2239,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0lk124dixshf8mmrjpsy9avnaygni3cwki25g8nm5py4d2f5fwwa"; + sha256 = "1wy58f9qijwvkmw1j40ak2v5nsr3wcwsa1nilfw047liwyi06yad"; type = "gem"; }; - version = "2.0.17"; + version = "2.1.0"; }; ruby2_keywords = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "17pcc0wgvh3ikrkr7bm3nx0qhyiqwidd13ij0fa50k7gsbnr2p0l"; + sha256 = "15wfcqxyfgka05v2a7kpg64x57gl1y4xzvnc9lh60bqx5sf1iqrs"; type = "gem"; }; - version = "0.0.2"; + version = "0.0.4"; }; RubyInline = { dependencies = ["ZenTest"]; @@ -2303,20 +2322,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1lanqba97ncv88m9r5a3i12n938j5hnpn06q55fxhayfls4fsgdn"; + sha256 = "13mlccf70slrjpxvpvmnk2cls39nkpgksa7sd90jlnm0s0z7lhdd"; type = "gem"; }; - version = "0.11.1"; + version = "0.11.4"; }; sequel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ym43w8alp65fl8j7792i1l44laq9pm91zj97x0r340xkmaii9hp"; + sha256 = "0i2zbx3zkrppvf7zmk5hpiji9kj18c0yavcr2c3i0gaqskhzvaj9"; type = "gem"; }; - version = "5.40.0"; + version = "5.43.0"; }; sequel_pg = { dependencies = ["pg" "sequel"]; @@ -2335,10 +2354,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0vv68r61crcnyr5i2qi3h220xbwndsfzwcfzzdr6cmhcdczyr9n2"; + sha256 = "1hrv046jll6ad1s964gsmcq4hvkr3zzr6jc7z1mns22mvfpbc3cr"; type = "gem"; }; - version = "0.21.1"; + version = "0.21.2"; }; simplecov-html = { groups = ["default"]; @@ -2377,10 +2396,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0nqyam74izmbczwb406bsmgdzjz5r91d4lywlvdbxx5sl4g4256a"; + sha256 = "0516kmcypysgf2lw8zm8n9yghv6igqgphhfgmgyzgiin388xw4gj"; type = "gem"; }; - version = "2.6.0"; + version = "2.7.0"; }; slop = { groups = ["default"]; @@ -2439,10 +2458,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1g7398sn8syybz3nbf3dqwa8q8v3s3s444i24xl5q9pzx4g4nkf1"; + sha256 = "1nkwmlx0ja35gs4lkh7hmshlwsqk5wm1wqrc2p45icnjmrh0x5cw"; type = "gem"; }; - version = "1.0.1"; + version = "1.1.0"; }; terminal-table = { dependencies = ["unicode-display_width"]; @@ -2460,20 +2479,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xbhkmyhlxwzshaqa7swy2bx6vd64mm0wrr8g3jywvxy7hg0cwkm"; + sha256 = "18yhlvmfya23cs3pvhr1qy38y41b6mhr5q9vwv5lrgk16wmf3jna"; type = "gem"; }; - version = "1.0.1"; + version = "1.1.0"; }; thrift = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08076cmdx0g51yrkd7dlxlr45nflink3jhdiq7006ljc2pc3212q"; + sha256 = "1sfa4120a7yl3gxjcx990gyawsshfr22gfv5rvgpk72l2p9j2420"; type = "gem"; }; - version = "0.13.0"; + version = "0.14.1"; }; tilt = { groups = ["default"]; @@ -2595,10 +2614,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0ch19amq0spj5dc240mv6s8hh245w7nis2h070qr3jm15r4jb21m"; + sha256 = "092y84kak86ds2as9kwn5a9m2yzqwqcz4wx31jk3kin32c3hwcrn"; type = "gem"; }; - version = "5.0.1"; + version = "5.0.2"; }; xcodeproj = { dependencies = ["CFPropertyList" "atomos" "claide" "colored2" "nanaimo"]; From 045a4797bd94af988dace97529f1ba5078ce5c71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Wed, 21 Apr 2021 08:39:55 +0200 Subject: [PATCH 52/67] python3Packages.pytube: 10.7.1 -> 10.7.2 https://github.com/pytube/pytube/releases/tag/v10.7.2 --- pkgs/development/python-modules/pytube/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pytube/default.nix b/pkgs/development/python-modules/pytube/default.nix index 9f32da55ff1e..8bcfa8b6c7d9 100644 --- a/pkgs/development/python-modules/pytube/default.nix +++ b/pkgs/development/python-modules/pytube/default.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "pytube"; - version = "10.7.1"; + version = "10.7.2"; disabled = pythonOlder "3.6"; @@ -15,7 +15,7 @@ buildPythonPackage rec { owner = "pytube"; repo = "pytube"; rev = "v${version}"; - sha256 = "sha256-a9MYEQFJXfPXYkWiuZkjt/PGs73Dm5614/Xvv6Nn8RA="; + sha256 = "sha256-85pHzfQYyqwX8mQ5msIojM/0FSfeaC12KJw4mXmji3g="; }; checkInputs = [ From 433e28d7c8e6ed1e455ccc7b7b536f4c842cd9e1 Mon Sep 17 00:00:00 2001 From: Johannes Schleifenbaum Date: Wed, 21 Apr 2021 08:50:05 +0200 Subject: [PATCH 53/67] jellyfin-media-player: clarify GPL license --- pkgs/applications/video/jellyfin-media-player/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/video/jellyfin-media-player/default.nix b/pkgs/applications/video/jellyfin-media-player/default.nix index 5e7ece885038..10a3a8cc174b 100644 --- a/pkgs/applications/video/jellyfin-media-player/default.nix +++ b/pkgs/applications/video/jellyfin-media-player/default.nix @@ -103,7 +103,7 @@ mkDerivation rec { meta = with lib; { homepage = "https://github.com/jellyfin/jellyfin-media-player"; description = "Jellyfin Desktop Client based on Plex Media Player"; - license = with licenses; [ gpl2Plus mit ]; + license = with licenses; [ gpl2Only mit ]; platforms = [ "x86_64-linux" "x86_64-darwin" ]; maintainers = with maintainers; [ jojosch ]; }; From 9fab849fa82309124905ea2da7f3d7913c4b27b9 Mon Sep 17 00:00:00 2001 From: Johannes Schleifenbaum Date: Wed, 21 Apr 2021 08:50:25 +0200 Subject: [PATCH 54/67] python3Packages.jellyfin-apiclient-python: clarify GPL license --- .../python-modules/jellyfin-apiclient-python/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/jellyfin-apiclient-python/default.nix b/pkgs/development/python-modules/jellyfin-apiclient-python/default.nix index b06db621b730..84ea65a74773 100644 --- a/pkgs/development/python-modules/jellyfin-apiclient-python/default.nix +++ b/pkgs/development/python-modules/jellyfin-apiclient-python/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { meta = with lib; { homepage = "https://github.com/jellyfin/jellyfin-apiclient-python"; description = "Python API client for Jellyfin"; - license = licenses.gpl3; + license = licenses.gpl3Only; maintainers = with maintainers; [ jojosch ]; }; } From 37c62a07d27dd2088361c919a2955f8f6f76ee11 Mon Sep 17 00:00:00 2001 From: Johannes Schleifenbaum Date: Wed, 21 Apr 2021 08:51:16 +0200 Subject: [PATCH 55/67] python3Packages.pystray: clarify GPL license --- pkgs/development/python-modules/pystray/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/pystray/default.nix b/pkgs/development/python-modules/pystray/default.nix index c0ae2be9e7b3..9b778f9e216c 100644 --- a/pkgs/development/python-modules/pystray/default.nix +++ b/pkgs/development/python-modules/pystray/default.nix @@ -25,7 +25,7 @@ buildPythonPackage rec { meta = with lib; { homepage = "https://github.com/moses-palmer/pystray"; description = "This library allows you to create a system tray icon"; - license = with licenses; [ gpl3Only lgpl3Only ]; + license = with licenses; [ gpl3Plus lgpl3Plus ]; platforms = platforms.linux; maintainers = with maintainers; [ jojosch ]; }; From 22a2c39a744209074d58dfe298095a9e3e5e675f Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Wed, 21 Apr 2021 08:59:20 +0200 Subject: [PATCH 56/67] cosign: 0.3.0 -> 0.3.1 Also, `cosign version` now displays the version. --- pkgs/tools/security/cosign/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/cosign/default.nix b/pkgs/tools/security/cosign/default.nix index 7b552316da3d..06bd7ca6c2dd 100644 --- a/pkgs/tools/security/cosign/default.nix +++ b/pkgs/tools/security/cosign/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "cosign"; - version = "0.3.0"; + version = "0.3.1"; src = fetchFromGitHub { owner = "sigstore"; repo = pname; rev = "v${version}"; - sha256 = "0hisjyn5z93w34gxvz1z0l74gmj8js5l3lbqhqz7pc0fra59lvx6"; + sha256 = "1gfzard6bh78xxgjk14c9zmdplppkcjqxhvfazcbv8qppjl2pbbd"; }; buildInputs = @@ -21,6 +21,8 @@ buildGoModule rec { subPackages = [ "cmd/cosign" ]; + buildFlagsArray = [ "-ldflags=-s -w -X github.com/sigstore/cosign/cmd/cosign/cli.gitVersion=${version}" ]; + meta = with lib; { homepage = "https://github.com/sigstore/cosign"; changelog = "https://github.com/sigstore/cosign/releases/tag/v${version}"; From 5cb6f477f4f66f830cd651130378005d13764c7d Mon Sep 17 00:00:00 2001 From: Euan Kemp Date: Wed, 21 Apr 2021 00:07:08 -0700 Subject: [PATCH 57/67] k3s: 1.20.5+k3s1 -> 1.20.6+k3s1 Fixes CVE-2021-25735. --- pkgs/applications/networking/cluster/k3s/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/cluster/k3s/default.nix b/pkgs/applications/networking/cluster/k3s/default.nix index fd5b2fff8b9c..4053a042bfac 100644 --- a/pkgs/applications/networking/cluster/k3s/default.nix +++ b/pkgs/applications/networking/cluster/k3s/default.nix @@ -44,7 +44,7 @@ with lib; # Those pieces of software we entirely ignore upstream's handling of, and just # make sure they're in the path if desired. let - k3sVersion = "1.20.5+k3s1"; # k3s git tag + k3sVersion = "1.20.6+k3s1"; # k3s git tag traefikChartVersion = "1.81.0"; # taken from ./scripts/download at the above k3s tag k3sRootVersion = "0.8.1"; # taken from ./scripts/download at the above k3s tag k3sCNIVersion = "0.8.6-k3s1"; # taken from ./scripts/version.sh at the above k3s tag @@ -96,7 +96,7 @@ let url = "https://github.com/k3s-io/k3s"; rev = "v${k3sVersion}"; leaveDotGit = true; # ./scripts/version.sh depends on git - sha256 = "sha256-7RAZkSTh15BEZ3p6u2xE9vd5fpy4KBYrl2TjtpIiStM="; + sha256 = "sha256-IIZotJKQ/+WNmfcEJU5wFtZBufWjUp4MeVCRk4tSjyQ="; }; # Stage 1 of the k3s build: # Let's talk about how k3s is structured. From 50a7cb2cfbcce473bdda321c0c4fbc6cef0a4946 Mon Sep 17 00:00:00 2001 From: Clemens Lutz Date: Wed, 21 Apr 2021 09:21:23 +0200 Subject: [PATCH 58/67] zoom-us 5.6.13632.0328 -> 5.6.16775.0418 --- .../instant-messengers/zoom-us/default.nix | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/zoom-us/default.nix b/pkgs/applications/networking/instant-messengers/zoom-us/default.nix index cdac4a2829b6..67127a04978d 100644 --- a/pkgs/applications/networking/instant-messengers/zoom-us/default.nix +++ b/pkgs/applications/networking/instant-messengers/zoom-us/default.nix @@ -7,6 +7,7 @@ , atk , cairo , dbus +, dpkg , libGL , fontconfig , freetype @@ -29,11 +30,11 @@ assert pulseaudioSupport -> libpulseaudio != null; let - version = "5.6.13632.0328"; + version = "5.6.16775.0418"; srcs = { x86_64-linux = fetchurl { - url = "https://zoom.us/client/${version}/zoom_x86_64.pkg.tar.xz"; - sha256 = "0nskpg3rbv40jcbih95sfdr0kfv5hjv50z9jdz1cddl8v7hbqg71"; + url = "https://zoom.us/client/${version}/zoom_amd64.deb"; + sha256 = "1fmzwxq8jv5k1b2kvg1ij9g6cdp1hladd8vm3cxzd8fywdjcndim"; }; }; @@ -70,17 +71,21 @@ in stdenv.mkDerivation rec { inherit version; src = srcs.${stdenv.hostPlatform.system}; - dontUnpack = true; - nativeBuildInputs = [ + dpkg makeWrapper ]; + unpackCmd = '' + mkdir out + dpkg -x $curSrc out + ''; + installPhase = '' runHook preInstall mkdir $out - tar -C $out -xf ${src} - mv $out/usr/* $out/ + mv usr/* $out/ + mv opt $out/ runHook postInstall ''; From 59522944d075f176b2c8c2136a228b3ab537a200 Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Wed, 21 Apr 2021 08:23:05 +0100 Subject: [PATCH 59/67] deno: 1.9.0 -> 1.9.1 --- pkgs/development/web/deno/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/web/deno/default.nix b/pkgs/development/web/deno/default.nix index 6faba30bf77f..a2e286d8bc56 100644 --- a/pkgs/development/web/deno/default.nix +++ b/pkgs/development/web/deno/default.nix @@ -15,15 +15,15 @@ rustPlatform.buildRustPackage rec { pname = "deno"; - version = "1.9.0"; + version = "1.9.1"; src = fetchFromGitHub { owner = "denoland"; repo = pname; rev = "v${version}"; - sha256 = "sha256-LrJGwsP+P8zXYwboF5791YuWGVdhcQJLOoBv+VzrYzs="; + sha256 = "sha256-h8dXGSu7DebzwZdc92A2d9xlYy6wD34phBUj5v5KuIc="; }; - cargoSha256 = "sha256-JDapls3nRNETri6nZPRjZFlAFVN1Owhp965zf0Rn3ug="; + cargoSha256 = "sha256-htxpaALOXFQpQ68YE4b0T0jhcCIONgUZwpMPCcSdcgs="; # Install completions post-install nativeBuildInputs = [ installShellFiles ]; From 840805562bf4fefe14f17311c250633084c38247 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Samuel=20Gr=C3=A4fenstein?= Date: Wed, 21 Apr 2021 10:03:49 +0200 Subject: [PATCH 60/67] linuxPackages.rtw88: 2021-04-01 -> 2021-04-19 --- pkgs/os-specific/linux/rtw88/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/rtw88/default.nix b/pkgs/os-specific/linux/rtw88/default.nix index 6b5e3211a9e0..423023512408 100644 --- a/pkgs/os-specific/linux/rtw88/default.nix +++ b/pkgs/os-specific/linux/rtw88/default.nix @@ -5,13 +5,13 @@ let in stdenv.mkDerivation { pname = "rtw88"; - version = "unstable-2021-04-01"; + version = "unstable-2021-04-19"; src = fetchFromGitHub { owner = "lwfinger"; repo = "rtw88"; - rev = "689ce370b0c2da207bb092065697f6cb455a00dc"; - hash = "sha256-gdfQxpzYJ9bEObc2iEapA0TPMZuXndBvEu6qwKqdhyo="; + rev = "0f3cc6a5973bc386d9cb542fc85a6ba027edff5d"; + hash = "sha256-PRzWXC1lre8gt1GfVdnaG836f5YK57P9a8tG20yef0w="; }; makeFlags = [ "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; From 04991f2ec8d0dc467faf3e7636664c716ba8a035 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 21 Apr 2021 10:04:27 +0200 Subject: [PATCH 61/67] python3Packages.hachoir: init at 3.1.2 --- .../python-modules/hachoir/default.nix | 35 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ pkgs/top-level/python-packages.nix | 2 ++ 3 files changed, 39 insertions(+) create mode 100644 pkgs/development/python-modules/hachoir/default.nix diff --git a/pkgs/development/python-modules/hachoir/default.nix b/pkgs/development/python-modules/hachoir/default.nix new file mode 100644 index 000000000000..2c46b14a2744 --- /dev/null +++ b/pkgs/development/python-modules/hachoir/default.nix @@ -0,0 +1,35 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pytestCheckHook +, urwid +}: + +buildPythonPackage rec { + pname = "hachoir"; + version = "3.1.2"; + + src = fetchFromGitHub { + owner = "vstinner"; + repo = pname; + rev = version; + sha256 = "06544qmmimvaznwcjs8wwfih1frdd7anwcw5z07cf69l8p146p0y"; + }; + + propagatedBuildInputs = [ + urwid + ]; + + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ "hachoir" ]; + + meta = with lib; { + description = "Python library to view and edit a binary stream"; + homepage = "https://hachoir.readthedocs.io/"; + license = with licenses; [ gpl2Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 74aac662d8e1..5e0af3b6fbda 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -23471,6 +23471,8 @@ in gxplugins-lv2 = callPackage ../applications/audio/gxplugins-lv2 { }; + hachoir = with python3Packages; toPythonApplication hachoir; + hackrf = callPackage ../applications/radio/hackrf { }; hacksaw = callPackage ../tools/misc/hacksaw {}; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 01219719acc6..59e57c5298c8 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3069,6 +3069,8 @@ in { habanero = callPackage ../development/python-modules/habanero { }; + hachoir = callPackage ../development/python-modules/hachoir { }; + ha-ffmpeg = callPackage ../development/python-modules/ha-ffmpeg { }; halo = callPackage ../development/python-modules/halo { }; From 5a304b17ed7d2e3019d66f66d515f0a0d9ef102a Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Wed, 21 Apr 2021 09:06:45 +0100 Subject: [PATCH 62/67] cosign: use buildFlagsArray And add myself as a maintainer --- pkgs/tools/security/cosign/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/cosign/default.nix b/pkgs/tools/security/cosign/default.nix index 06bd7ca6c2dd..eb33d7dbb5f1 100644 --- a/pkgs/tools/security/cosign/default.nix +++ b/pkgs/tools/security/cosign/default.nix @@ -21,13 +21,15 @@ buildGoModule rec { subPackages = [ "cmd/cosign" ]; - buildFlagsArray = [ "-ldflags=-s -w -X github.com/sigstore/cosign/cmd/cosign/cli.gitVersion=${version}" ]; + preBuild = '' + buildFlagsArray+=("-ldflags" "-s -w -X github.com/sigstore/cosign/cmd/cosign/cli.gitVersion=v${version}") + ''; meta = with lib; { homepage = "https://github.com/sigstore/cosign"; changelog = "https://github.com/sigstore/cosign/releases/tag/v${version}"; description = "Container Signing CLI with support for ephemeral keys and Sigstore signing"; license = licenses.asl20; - maintainers = with maintainers; [ lesuisse ]; + maintainers = with maintainers; [ lesuisse jk ]; }; } From 20759ed994f4df5dd6824cf2032972ad00c034f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 21 Apr 2021 09:58:00 +0200 Subject: [PATCH 63/67] radare2: 5.1.1 -> 5.2.0 --- .../tools/analysis/radare2/default.nix | 51 ++++++++++--------- .../tools/analysis/radare2/update.py | 14 ----- 2 files changed, 26 insertions(+), 39 deletions(-) diff --git a/pkgs/development/tools/analysis/radare2/default.nix b/pkgs/development/tools/analysis/radare2/default.nix index 1622c6168606..cdade7c273cc 100644 --- a/pkgs/development/tools/analysis/radare2/default.nix +++ b/pkgs/development/tools/analysis/radare2/default.nix @@ -1,4 +1,5 @@ { lib +, fetchpatch , stdenv , fetchFromGitHub , buildPackages @@ -19,6 +20,7 @@ , python3 , ruby , lua +, capstone , useX11 ? false , rubyBindings ? false , pythonBindings ? false @@ -30,13 +32,11 @@ let # # DO NOT EDIT! Automatically generated by ./update.py - gittap = "5.1.1"; - gittip = "a86f8077fc148abd6443384362a3717cd4310e64"; - rev = "5.1.1"; - version = "5.1.1"; - sha256 = "0hv9x31iabasj12g8f04incr1rbcdkxi3xnqn3ggp8gl4h6pf2f3"; - cs_ver = "4.0.2"; - cs_sha256 = "0y5g74yjyliciawpn16zhdwya7bd3d7b1cccpcccc2wg8vni1k2w"; + gittap = "5.2.0"; + gittip = "cf3db945083fb4dab951874e5ec1283128deab11"; + rev = "5.2.0"; + version = "5.2.0"; + sha256 = "08azxfk6mw2vr0x4zbz0612rk7pj4mfz8shrzc9ima77wb52b8sm"; # in stdenv.mkDerivation { @@ -49,22 +49,13 @@ stdenv.mkDerivation { inherit rev sha256; }; - postPatch = - let - capstone = fetchFromGitHub { - owner = "aquynh"; - repo = "capstone"; - # version from $sourceRoot/shlr/Makefile - rev = cs_ver; - sha256 = cs_sha256; - }; - in - '' - mkdir -p build/shlr - cp -r ${capstone} capstone-${cs_ver} - chmod -R +w capstone-${cs_ver} - tar -czvf shlr/capstone-${cs_ver}.tar.gz capstone-${cs_ver} - ''; + patches = [ + # fix build against openssl, included in next release + (fetchpatch { + url = "https://github.com/radareorg/radare2/commit/e5e7469b6450c374e0884d35d44824e1a4eb46b4.patch"; + sha256 = "sha256-xTmMHvUdW7d2QG7d4hlvMgEcegND7pGU745TWGqzY44="; + }) + ]; postInstall = '' install -D -m755 $src/binr/r2pm/r2pm $out/bin/r2pm @@ -80,6 +71,7 @@ stdenv.mkDerivation { "--with-sysmagic" "--with-syszip" "--with-sysxxhash" + "--with-syscapstone" "--with-openssl" ]; @@ -87,8 +79,17 @@ stdenv.mkDerivation { depsBuildBuild = [ buildPackages.stdenv.cc ]; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ file readline libusb-compat-0_1 libewf perl zlib openssl libuv ] - ++ optional useX11 [ gtkdialog vte gtk2 ] + buildInputs = [ + capstone + file + readline + libusb-compat-0_1 + libewf + perl + zlib + openssl + libuv + ] ++ optional useX11 [ gtkdialog vte gtk2 ] ++ optional rubyBindings [ ruby ] ++ optional pythonBindings [ python3 ] ++ optional luaBindings [ lua ]; diff --git a/pkgs/development/tools/analysis/radare2/update.py b/pkgs/development/tools/analysis/radare2/update.py index a860d226df27..e1dfc071cd38 100755 --- a/pkgs/development/tools/analysis/radare2/update.py +++ b/pkgs/development/tools/analysis/radare2/update.py @@ -55,24 +55,12 @@ def git(dirname: str, *args: str) -> str: def get_repo_info(dirname: str, rev: str) -> Dict[str, str]: sha256 = prefetch_github("radare", "radare2", rev) - cs_ver = None - with open(Path(dirname).joinpath("shlr", "Makefile")) as makefile: - for l in makefile: - match = re.match("CS_VER=(\S+)", l) - if match: - cs_ver = match.group(1) - assert cs_ver is not None - - cs_sha256 = prefetch_github("aquynh", "capstone", cs_ver) - return dict( rev=rev, sha256=sha256, version_commit=git(dirname, "rev-list", "--all", "--count"), gittap=git(dirname, "describe", "--tags", "--match", "[0-9]*"), gittip=git(dirname, "rev-parse", "HEAD"), - cs_ver=cs_ver, - cs_sha256=cs_sha256, ) @@ -107,8 +95,6 @@ def main() -> None: rev = "{info["rev"]}"; version = "{version}"; sha256 = "{info["sha256"]}"; - cs_ver = "{info["cs_ver"]}"; - cs_sha256 = "{info["cs_sha256"]}"; #""" ) elif "#" in l: From 436161a2b83cf747af18389d0f0520488b449c4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Domen=20Ko=C5=BEar?= Date: Tue, 20 Apr 2021 08:13:07 +0100 Subject: [PATCH 64/67] Update .github/workflows/direct-push.yml Co-authored-by: zowoq <59103226+zowoq@users.noreply.github.com> --- .github/workflows/direct-push.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/direct-push.yml b/.github/workflows/direct-push.yml index 554cffa3a998..6177004295ff 100644 --- a/.github/workflows/direct-push.yml +++ b/.github/workflows/direct-push.yml @@ -7,6 +7,7 @@ on: jobs: build: runs-on: ubuntu-latest + if: github.repository_owner == 'NixOS' env: GITHUB_SHA: ${{ github.sha }} GITHUB_REPOSITORY: ${{ github.repository }} @@ -25,4 +26,4 @@ jobs: instead of going through a Pull Request. That's highly discouraged beyond the few exceptions listed - on https://github.com/NixOS/nixpkgs/issues/118661. + on https://github.com/NixOS/nixpkgs/issues/118661 From 9b9782834d597cd56d6f27b6a2875a9fc4cfb00e Mon Sep 17 00:00:00 2001 From: Max Wittig Date: Wed, 21 Apr 2021 11:04:21 +0200 Subject: [PATCH 65/67] gitlab-runner: 13.10.0 -> 13.11.0 --- .../continuous-integration/gitlab-runner/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix b/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix index eeffee057d4a..d03d59edb1fc 100644 --- a/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix @@ -1,16 +1,16 @@ { lib, buildGoPackage, fetchFromGitLab, fetchurl }: let - version = "13.10.0"; + version = "13.11.0"; # Gitlab runner embeds some docker images these are prebuilt for arm and x86_64 docker_x86_64 = fetchurl { url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-x86_64.tar.xz"; - sha256 = "0lw087xcbzf4d68mq0h0s31na7lww2d9nv43icw9qx05aknlcddv"; + sha256 = "1vmj7vxz1a4js9kqz7mm6xgnkmb37c1jbx2lwsq2qkrybkxfcw8k"; }; docker_arm = fetchurl { url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-arm.tar.xz"; - sha256 = "1mf3w85ivc8r2rmb78r4b87rrxmbb1zda9pp8n4nvd0igg23xqk8"; + sha256 = "1c1pywz7ylaysplvq1m15v7rf1sgdkh9scbqklzcm55fjk128lif"; }; in buildGoPackage rec { @@ -30,7 +30,7 @@ buildGoPackage rec { owner = "gitlab-org"; repo = "gitlab-runner"; rev = "v${version}"; - sha256 = "0xy5mpcpxcmwfdrspd29z8nyn1m9i4ma7d5kbihwa2yxznylydpx"; + sha256 = "07jqsxac50xwmhlv0nbnn098290nkpsmrxw872yh67n1s9gqfd27"; }; patches = [ ./fix-shell-path.patch ]; From b3abdc9534a675da2aa7631d505a5f71ef30ecfa Mon Sep 17 00:00:00 2001 From: Matthieu Coudron Date: Wed, 21 Apr 2021 12:55:05 +0200 Subject: [PATCH 66/67] tests.vim: init (moved from vim-utils.nix) (#119467) * tests.vim: init (moved from vim-utils.nix) Moved tests from pkgs/misc/vim-plugins/vim-utils.nix to pkgs/test/vim. Also reduced the amount of generated config: - Make it possible to have an empty config when configured adequately - removed default vim config when using native packages, it could be source of bugs see linked issues (syntax on overrides vim highlights) Things to watch out for: - if you set configure.beforePlugins yourself, you will need to add set nocompatible too not to lose it - filetype indent plugin on | syn on is not enabled anymore by default for the vim-plug installer: I dont think we should override vim defualts, at least not here since it is shared with neovim. Also sometimes it's enabled before plugins (pathogen etc,) which is not consistent. you can run the tests via $ nix-build -A tests.vim --- pkgs/applications/editors/neovim/wrapper.nix | 1 - pkgs/misc/vim-plugins/vim-utils.nix | 159 ++++++------------- pkgs/test/default.nix | 2 + pkgs/test/vim/default.nix | 72 +++++++++ 4 files changed, 122 insertions(+), 112 deletions(-) create mode 100644 pkgs/test/vim/default.nix diff --git a/pkgs/applications/editors/neovim/wrapper.nix b/pkgs/applications/editors/neovim/wrapper.nix index 41ff62a619fb..8b42191bde69 100644 --- a/pkgs/applications/editors/neovim/wrapper.nix +++ b/pkgs/applications/editors/neovim/wrapper.nix @@ -1,5 +1,4 @@ { stdenv, symlinkJoin, lib, makeWrapper -, vimUtils , writeText , bundlerEnv, ruby , nodejs diff --git a/pkgs/misc/vim-plugins/vim-utils.nix b/pkgs/misc/vim-plugins/vim-utils.nix index fd66c48ecb2c..c55e8aa0a011 100644 --- a/pkgs/misc/vim-plugins/vim-utils.nix +++ b/pkgs/misc/vim-plugins/vim-utils.nix @@ -1,4 +1,5 @@ -{ lib, stdenv, vim, vimPlugins, vim_configurable, neovim, buildEnv, writeText, writeScriptBin +# tests available at pkgs/test/vim +{ lib, stdenv, vim, vimPlugins, vim_configurable, buildEnv, writeText, writeScriptBin , nix-prefetch-hg, nix-prefetch-git , fetchFromGitHub, runtimeShell }: @@ -183,13 +184,49 @@ let rtpPath = "share/vim-plugins"; + nativeImpl = packages: lib.optionalString (packages != null) + (let + link = (packageName: dir: pluginPath: "ln -sf ${pluginPath}/share/vim-plugins/* $out/pack/${packageName}/${dir}"); + packageLinks = (packageName: {start ? [], opt ? []}: + let + # `nativeImpl` expects packages to be derivations, not strings (as + # opposed to older implementations that have to maintain backwards + # compatibility). Therefore we don't need to deal with "knownPlugins" + # and can simply pass `null`. + depsOfOptionalPlugins = lib.subtractLists opt (findDependenciesRecursively opt); + startWithDeps = findDependenciesRecursively start; + in + [ "mkdir -p $out/pack/${packageName}/start" ] + # To avoid confusion, even dependencies of optional plugins are added + # to `start` (except if they are explicitly listed as optional plugins). + ++ (builtins.map (link packageName "start") (lib.unique (startWithDeps ++ depsOfOptionalPlugins))) + ++ ["mkdir -p $out/pack/${packageName}/opt"] + ++ (builtins.map (link packageName "opt") opt) + ); + packDir = (packages: + stdenv.mkDerivation { + name = "vim-pack-dir"; + src = ./.; + installPhase = lib.concatStringsSep "\n" (lib.flatten (lib.mapAttrsToList packageLinks packages)); + preferLocalBuild = true; + } + ); + in + '' + set packpath^=${packDir packages} + set runtimepath^=${packDir packages} + ''); + vimrcContent = { packages ? null, vam ? null, pathogen ? null, plug ? null, - beforePlugins ? "", - customRC ? "" + beforePlugins ? '' + " configuration generated by NIX + set nocompatible + '', + customRC ? null }: let @@ -301,56 +338,16 @@ let call vam#Scripts(l, {}) ''); - nativeImpl = lib.optionalString (packages != null) - (let - link = (packageName: dir: pluginPath: "ln -sf ${pluginPath}/share/vim-plugins/* $out/pack/${packageName}/${dir}"); - packageLinks = (packageName: {start ? [], opt ? []}: - let - # `nativeImpl` expects packages to be derivations, not strings (as - # opposed to older implementations that have to maintain backwards - # compatibility). Therefore we don't need to deal with "knownPlugins" - # and can simply pass `null`. - depsOfOptionalPlugins = lib.subtractLists opt (findDependenciesRecursively opt); - startWithDeps = findDependenciesRecursively start; - in - ["mkdir -p $out/pack/${packageName}/start"] - # To avoid confusion, even dependencies of optional plugins are added - # to `start` (except if they are explicitly listed as optional plugins). - ++ (builtins.map (link packageName "start") (lib.unique (startWithDeps ++ depsOfOptionalPlugins))) - ++ ["mkdir -p $out/pack/${packageName}/opt"] - ++ (builtins.map (link packageName "opt") opt) - ); - packDir = (packages: - stdenv.mkDerivation { - name = "vim-pack-dir"; - src = ./.; - installPhase = lib.concatStringsSep - "\n" - (lib.flatten (lib.mapAttrsToList packageLinks packages)); - preferLocalBuild = true; - } - ); - in - '' - set packpath^=${packDir packages} - set runtimepath^=${packDir packages} + entries = [ + beforePlugins + vamImpl pathogenImpl plugImpl + (nativeImpl packages) + customRC + ]; - filetype indent plugin on | syn on - ''); + in + lib.concatStringsSep "\n" (lib.filter (x: x != null && x != "") entries); - in '' - " configuration generated by NIX - set nocompatible - - ${beforePlugins} - - ${vamImpl} - ${pathogenImpl} - ${plugImpl} - ${nativeImpl} - - ${customRC} - ''; vimrcFile = settings: writeText "vimrc" (vimrcContent settings); in @@ -448,8 +445,6 @@ rec { ''; }; - vim_with_vim2nix = vim_configurable.customize { name = "vim"; vimrcConfig.vam.pluginDictionaries = [ "vim-addon-vim2nix" ]; }; - inherit (import ./build-vim-plugin.nix { inherit lib stdenv rtpPath vim; }) buildVimPlugin buildVimPluginFrom2Nix; # used to figure out which python dependencies etc. neovim needs @@ -475,62 +470,4 @@ rec { nativePlugins = lib.concatMap ({start?[], opt?[], knownPlugins?vimPlugins}: start++opt) nativePluginsConfigs; in nativePlugins ++ nonNativePlugins; - - - # test cases: - test_vim_with_vim_nix_using_vam = vim_configurable.customize { - name = "vim-with-vim-addon-nix-using-vam"; - vimrcConfig.vam.pluginDictionaries = [{name = "vim-nix"; }]; - }; - - test_vim_with_vim_nix_using_pathogen = vim_configurable.customize { - name = "vim-with-vim-addon-nix-using-pathogen"; - vimrcConfig.pathogen.pluginNames = [ "vim-nix" ]; - }; - - test_vim_with_vim_nix_using_plug = vim_configurable.customize { - name = "vim-with-vim-addon-nix-using-plug"; - vimrcConfig.plug.plugins = with vimPlugins; [ vim-nix ]; - }; - - test_vim_with_vim_nix = vim_configurable.customize { - name = "vim-with-vim-addon-nix"; - vimrcConfig.packages.myVimPackage.start = with vimPlugins; [ vim-nix ]; - }; - - # only neovim makes use of `requiredPlugins`, test this here - test_nvim_with_vim_nix_using_pathogen = neovim.override { - configure.pathogen.pluginNames = [ "vim-nix" ]; - }; - - # regression test for https://github.com/NixOS/nixpkgs/issues/53112 - # The user may have specified their own plugins which may not be formatted - # exactly as the generated ones. In particular, they may not have the `pname` - # attribute. - test_vim_with_custom_plugin = vim_configurable.customize { - name = "vim_with_custom_plugin"; - vimrcConfig.vam.knownPlugins = - vimPlugins // ({ - vim-trailing-whitespace = buildVimPluginFrom2Nix { - name = "vim-trailing-whitespace"; - src = fetchFromGitHub { - owner = "bronson"; - repo = "vim-trailing-whitespace"; - rev = "4c596548216b7c19971f8fc94e38ef1a2b55fee6"; - sha256 = "0f1cpnp1nxb4i5hgymjn2yn3k1jwkqmlgw1g02sq270lavp2dzs9"; - }; - # make sure string dependencies are handled - dependencies = [ "vim-nix" ]; - }; - }); - vimrcConfig.vam.pluginDictionaries = [ { names = [ "vim-trailing-whitespace" ]; } ]; - }; - - # system remote plugin manifest should be generated, deoplete should be usable - # without the user having to do `UpdateRemotePlugins`. To test, launch neovim - # and do `:call deoplete#enable()`. It will print an error if the remote - # plugin is not registered. - test_nvim_with_remote_plugin = neovim.override { - configure.pathogen.pluginNames = with vimPlugins; [ deoplete-nvim ]; - }; } diff --git a/pkgs/test/default.nix b/pkgs/test/default.nix index fa93ceb0721e..b24fc539c93d 100644 --- a/pkgs/test/default.nix +++ b/pkgs/test/default.nix @@ -41,6 +41,8 @@ with pkgs; rustCustomSysroot = callPackage ./rust-sysroot {}; buildRustCrate = callPackage ../build-support/rust/build-rust-crate/test { }; + vim = callPackage ./vim {}; + nixos-functions = callPackage ./nixos-functions {}; patch-shebangs = callPackage ./patch-shebangs {}; diff --git a/pkgs/test/vim/default.nix b/pkgs/test/vim/default.nix new file mode 100644 index 000000000000..4ca004a60c34 --- /dev/null +++ b/pkgs/test/vim/default.nix @@ -0,0 +1,72 @@ +{ vimUtils, vim_configurable, neovim, vimPlugins +, lib, fetchFromGitHub, +}: +let + inherit (vimUtils) buildVimPluginFrom2Nix; + + packages.myVimPackage.start = with vimPlugins; [ vim-nix ]; +in +{ + vim_empty_config = vimUtils.vimrcFile { beforePlugins = ""; customRC = ""; }; + + vim_with_vim2nix = vim_configurable.customize { + name = "vim"; vimrcConfig.vam.pluginDictionaries = [ "vim-addon-vim2nix" ]; + }; + + # test cases: + test_vim_with_vim_nix_using_vam = vim_configurable.customize { + name = "vim-with-vim-addon-nix-using-vam"; + vimrcConfig.vam.pluginDictionaries = [{name = "vim-nix"; }]; + }; + + test_vim_with_vim_nix_using_pathogen = vim_configurable.customize { + name = "vim-with-vim-addon-nix-using-pathogen"; + vimrcConfig.pathogen.pluginNames = [ "vim-nix" ]; + }; + + test_vim_with_vim_nix_using_plug = vim_configurable.customize { + name = "vim-with-vim-addon-nix-using-plug"; + vimrcConfig.plug.plugins = with vimPlugins; [ vim-nix ]; + }; + + test_vim_with_vim_nix = vim_configurable.customize { + name = "vim-with-vim-addon-nix"; + vimrcConfig.packages.myVimPackage.start = with vimPlugins; [ vim-nix ]; + }; + + # only neovim makes use of `requiredPlugins`, test this here + test_nvim_with_vim_nix_using_pathogen = neovim.override { + configure.pathogen.pluginNames = [ "vim-nix" ]; + }; + + # regression test for https://github.com/NixOS/nixpkgs/issues/53112 + # The user may have specified their own plugins which may not be formatted + # exactly as the generated ones. In particular, they may not have the `pname` + # attribute. + test_vim_with_custom_plugin = vim_configurable.customize { + name = "vim_with_custom_plugin"; + vimrcConfig.vam.knownPlugins = + vimPlugins // ({ + vim-trailing-whitespace = buildVimPluginFrom2Nix { + name = "vim-trailing-whitespace"; + src = fetchFromGitHub { + owner = "bronson"; + repo = "vim-trailing-whitespace"; + rev = "4c596548216b7c19971f8fc94e38ef1a2b55fee6"; + sha256 = "0f1cpnp1nxb4i5hgymjn2yn3k1jwkqmlgw1g02sq270lavp2dzs9"; + }; + # make sure string dependencies are handled + dependencies = [ "vim-nix" ]; + }; + }); + vimrcConfig.vam.pluginDictionaries = [ { names = [ "vim-trailing-whitespace" ]; } ]; + }; + + # system remote plugin manifest should be generated, deoplete should be usable + # without the user having to do `UpdateRemotePlugins`. To test, launch neovim + # and do `:call deoplete#enable()`. It will print an error if the remote + # plugin is not registered. + test_nvim_with_remote_plugin = neovim.override { + configure.pathogen.pluginNames = with vimPlugins; [ deoplete-nvim ]; + }; +} From 1f1a77bdb748df4615aa303121f5cecf3ca937cc Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Wed, 14 Apr 2021 08:09:20 +0200 Subject: [PATCH 67/67] ocamlPackages.labltk: fix ocamlbrowser by wrapping Also remove legacy versions --- .../ocaml-modules/labltk/default.nix | 54 +++++++------------ 1 file changed, 19 insertions(+), 35 deletions(-) diff --git a/pkgs/development/ocaml-modules/labltk/default.nix b/pkgs/development/ocaml-modules/labltk/default.nix index 3ee09b2d51c9..5a6daa54de39 100644 --- a/pkgs/development/ocaml-modules/labltk/default.nix +++ b/pkgs/development/ocaml-modules/labltk/default.nix @@ -1,46 +1,24 @@ -{ stdenv, lib, fetchurl, fetchzip, ocaml, findlib, tcl, tk }: +{ stdenv, lib, makeWrapper, fetchzip, ocaml, findlib, tcl, tk }: -let OCamlVersionAtLeast = lib.versionAtLeast ocaml.version; in - -if !OCamlVersionAtLeast "4.04" -then throw "labltk is not available for OCaml ${ocaml.version}" -else - -let param = - let mkNewParam = { version, sha256 }: { +let + params = + let mkNewParam = { version, sha256, rev ? version }: { inherit version; src = fetchzip { - url = "https://github.com/garrigue/labltk/archive/${version}.tar.gz"; + url = "https://github.com/garrigue/labltk/archive/${rev}.tar.gz"; inherit sha256; }; }; in - let mkOldParam = { version, key, sha256 }: { - src = fetchurl { - url = "https://forge.ocamlcore.org/frs/download.php/${key}/labltk-${version}.tar.gz"; - inherit sha256; - }; - inherit version; - }; in rec { - "4.04" = mkOldParam { - version = "8.06.2"; - key = "1628"; - sha256 = "1p97j9s33axkb4yyl0byhmhlyczqarb886ajpyggizy2br3a0bmk"; - }; - "4.05" = mkOldParam { - version = "8.06.3"; - key = "1701"; - sha256 = "1rka9jpg3kxqn7dmgfsa7pmsdwm16x7cn4sh15ijyyrad9phgdxn"; - }; - "4.06" = mkOldParam { + "4.06" = mkNewParam { version = "8.06.4"; - key = "1727"; - sha256 = "0j3rz0zz4r993wa3ssnk5s416b1jhj58l6z2jk8238a86y7xqcii"; + rev = "labltk-8.06.4"; + sha256 = "03xwnnnahb2rf4siymzqyqy8zgrx3h26qxjgbp5dh1wdl7n02c7g"; }; - "4.07" = mkOldParam { + "4.07" = mkNewParam { version = "8.06.5"; - key = "1764"; - sha256 = "0wgx65y1wkgf22ihpqmspqfp95fqbj3pldhp1p3b1mi8rmc37zwj"; + rev = "1b71e2c6f3ae6847d3d5e79bf099deb7330fb419"; + sha256 = "02vchmrm3izrk7daldd22harhgrjhmbw6i1pqw6hmfmrmrypypg2"; }; _8_06_7 = mkNewParam { version = "8.06.7"; @@ -60,14 +38,16 @@ let param = version = "8.06.10"; sha256 = "06cck7wijq4zdshzhxm6jyl8k3j0zglj2axsyfk6q1sq754zyf4a"; }; -}.${builtins.substring 0 4 ocaml.version}; + }; + param = params . ${lib.versions.majorMinor ocaml.version} + or (throw "labltk is not available for OCaml ${ocaml.version}"); in stdenv.mkDerivation rec { inherit (param) version src; name = "ocaml${ocaml.version}-labltk-${version}"; - buildInputs = [ ocaml findlib tcl tk ]; + buildInputs = [ ocaml findlib tcl tk makeWrapper ]; configureFlags = [ "--use-findlib" "--installbindir" "$(out)/bin" ]; dontAddPrefix = true; @@ -79,6 +59,10 @@ stdenv.mkDerivation rec { postInstall = '' mkdir -p $OCAMLFIND_DESTDIR/stublibs mv $OCAMLFIND_DESTDIR/labltk/dlllabltk.so $OCAMLFIND_DESTDIR/stublibs/ + for p in $out/bin/* + do + wrapProgram $p --set CAML_LD_LIBRARY_PATH $OCAMLFIND_DESTDIR/stublibs + done ''; meta = {